Lucene search
K

6 matches found

NVD
NVD
added 2026/06/09 5:16 a.m.16 views

CVE-2026-41715

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...

6.1CVSS0.00172EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:48 a.m.30 views

CVE-2026-41715

CVE-2026-41715 affects the Reactor Netty HTTP Client. When redirects are enabled, HTTP redirects from secure to insecure endpoints may leak credentials and expose sensitive data. Affected versions are Reactor Netty 1.0.0–1.0.51; 1.1.0–1.1.35; 1.2.0–1.2.17; 1.3.0–1.3.5. The provided documents do n...

6.1CVSS5.5AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 3:48 a.m.8 views

EUVD-2026-35322

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...

6.1CVSS5.5AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47647

Name of the Vulnerable Software and Affected Versions Reactor Netty versions 1.0.0 through 1.0.51 Reactor Netty versions 1.1.0 through 1.1.35 Reactor Netty versions 1.2.0 through 1.2.17 Reactor Netty versions 1.3.0 through 1.3.5 Description The Reactor Netty HTTP client may leak credentials when...

6.1CVSS5.8AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 8 : python27:2.7 (AXSA:2020-969:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-969:01 advisory. python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 python: Cookie domain check...

9.8CVSS7.7AI score0.07443EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2025/09/12 12:0 a.m.8 views

Curl 7.31.0 < 8.16.0 Out of Bounds Read (CVE-2025-9086)

The version of Curl installed on the remote host is 7.31.0 prior to 8.16.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-9086 advisory. - A cookie is set using the secure keyword for https://target. Curl is redirected to or otherwise made to speak with http://target...

7.5CVSS6.7AI score0.01301EPSS
Exploits1References2
Rows per page
Query Builder