7 matches found
CVE-2023-34062
A flaw was found in the Reactor Netty HTTP Server. If the server is configured to serve static resources, an attacker can use a specially crafted URL that may allow unauthorized access to privileged data on the server...
ai.optfor:spring-openai-api (>=0.2.2 <=0.3.25), be.vlaanderen.informatievlaanderen.ldes.ldio:ldio-azure-blob-out (=2.12.0) +750 more potentially affected by CVE-2023-34062 via io.projectreactor.netty:reactor-netty-http (>=1.1.0 <=1.1.12)
io.projectreactor.netty:reactor-netty-http MAVEN version =1.1.0, =0.2.2, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2023-34062 Source advisory: OSV:GHSA-XJHV-P3FV-X24R...
CVE-2023-34062
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured t...
CVE-2023-34062 vulnerabilities
Vulnerabilities for packages: trino, elasticsearch...
CVE-2023-34062 vulnerabilities
Vulnerabilities for packages: trino...
CVE-2023-34062
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured t...
CVE-2023-34062
CVE-2023-34062 affects Reactor Netty HTTP Server. Versions 1.1.x prior to 1.1.13 and 1.0.x prior to 1.0.39 are vulnerable when the server is configured to serve static resources. A crafted URL can trigger a directory traversal (path traversal) vulnerability, allowing access to restricted files. T...