98 matches found
CVE-2026-41715
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...
CVE-2026-41715 Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...
EUVD-2026-35322
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...
CVE-2026-41715 Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...
CVE-2026-41715
CVE-2026-41715 affects the Reactor Netty HTTP Client. When redirects are enabled, HTTP redirects from secure to insecure endpoints may leak credentials and expose sensitive data. Affected versions are Reactor Netty 1.0.0–1.0.51; 1.1.0–1.1.35; 1.2.0–1.2.17; 1.3.0–1.3.5. The provided documents do n...
PT-2026-47647
In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...
Cleartext Transmission of Sensitive Information
Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via HTTP redirect handling in the HTTP client. An attacker can obtain sensitive credentials by causing a client configured to automatically follow redirects to follow a redirect from a...
ROOT-APP-MAVEN-CVE-2025-22227 CVE-2025-22227 in io.root.io.projectreactor.netty:reactor-netty-http - Patched by Root
Root has patched CVE-2025-22227 in the io.root.io.projectreactor.netty:reactor-netty-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2023-34062 CVE-2023-34062 in io.root.io.projectreactor.netty:reactor-netty-http - Patched by Root
Root has patched CVE-2023-34062 in the io.root.io.projectreactor.netty:reactor-netty-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2023-34054 CVE-2023-34054 in io.root.io.projectreactor.netty:reactor-netty-core - Patched by Root
Root has patched CVE-2023-34054 in the io.root.io.projectreactor.netty:reactor-netty-core package for Root:Maven. Multiple fixed versions available...
Security Bulletin:Vulnerability in reactor-netty-http affects IBM Netezza Appliance
Summary The reactor-netty-http package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-22227 Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. I...
Security Bulletin: There is a vulnerability in reactor-netty-http-1.2.1.jar (used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-22227)
Summary There is a vulnerability inreactor-netty-http-1.2.1.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order f...
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in reactor-netty-http
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in reactor-netty-http Vulnerability Details CVEID:CVE-2025-22227 DESCRIPTION: In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen,...
EUVD-2019-0705
Malware in sbrugna...
EUVD-2022-7053
Malicious code in bioql PyPI...
EUVD-2023-3013
Malicious code in bioql PyPI...
EUVD-2022-1052
Malicious code in bioql PyPI...
EUVD-2025-21595
Malicious code in bioql PyPI...
EUVD-2022-1019
Malicious code in bioql PyPI...
EUVD-2023-3062
Malicious code in bioql PyPI...