Lucene search
+L

7 matches found

RedHat Linux
RedHat Linux
added 2022/12/08 1:25 p.m.98 views

Moderate: Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.18.3 release and security update

A minor version update from 3.14.5 to 3.18.3 is now available for Camel for Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

9.8CVSS7AI score0.99931EPSS
Exploits42References5
Spring Security Advisories
Spring Security Advisories
added 2022/10/24 7:0 a.m.85 views

This Week in Spring - October 25th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! When last we spoke, I was in Las Vegas, NV, for the JavaOne show. It was amazing! Im in sunny Singapore, then off to Malaysia and Thailand. Its the first time Ive been to any of these places since 2019! How good it is to be...

4.8AI score0.00604EPSS
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2022/10/20 12:45 p.m.145 views

CVE-2022-31684: Reactor Netty HTTP Server may log request headers

The Reactor Netty 1.0.24 release on October 11 included fix for CVE-2022-31684 affecting Reactor Netty HTTP Server. Users are encouraged to update as soon as possible. Reactor Netty is used internally in many frameworks including Spring WebFlux and its WebClient. If you have a Spring Boot...

1.2AI score0.00604EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.8 views

CVE-2022-31684

Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...

6.6AI score0.00604EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/19 12:0 a.m.46 views

CVE-2022-31684

Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...

4.8AI score0.00604EPSS
Exploits0References1
CVE
CVE
added 2022/10/19 12:0 a.m.140 views

CVE-2022-31684

CVE-2022-31684 affects Tanzu VMware Reactor Netty (HTTP Server) versions 1.0.11–1.0.23. The issue is that request headers may be logged in certain invalid HTTP requests when WARN logging is enabled, potentially exposing valid access tokens found in those logs. The connected Red Hat and IBM adviso...

4.3CVSS4.3AI score0.00604EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/19 12:0 a.m.26 views

CVE-2022-31684

Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...

4.3CVSS6.6AI score0.00604EPSS
Exploits0References3
Rows per page
Query Builder