Vulnerabilities > Pivotal > Reactor Netty > 0.9.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-28 | CVE-2023-34054 | Unspecified vulnerability in Pivotal Reactor Netty In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in integration with Micrometer is enabled. | 7.5 |
2020-03-03 | CVE-2020-5403 | Improper Handling of Exceptional Conditions vulnerability in Pivotal Reactor Netty 0.9.3/0.9.4 Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response. | 7.5 |
2020-03-03 | CVE-2020-5404 | Insufficiently Protected Credentials vulnerability in Pivotal Reactor Netty The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. | 5.9 |