reactor.netty is vulnerable to information disclosure. The followRedirect
functions does not properly handle the redirect request, leading to a credential leakage if a redirect to different domain is based on the incorrect configuration.
CPE | Name | Operator | Version |
---|---|---|---|
reactor netty with all modules | le | 0.9.4.RELEASE | |
reactor netty with all modules | le | 0.8.15.RELEASE |