io.projectreactor.netty:reactor-netty@0.8.12.RELEASE vulnerabilities
-
latest version
1.1.18
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
20 days ago
-
licenses detected
- [0.8.0.RELEASE,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the io.projectreactor.netty:reactor-netty package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
io.projectreactor.netty:reactor-netty is a TCP/HTTP/UDP client/server with Reactor over Netty. Affected versions of this package are vulnerable to Denial of Service (DoS) due to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response. How to fix Denial of Service (DoS)? Upgrade |
[0.9.0.RELEASE,0.9.5.RELEASE)
[0.8.0.RELEASE,0.8.16.RELEASE)
|
io.projectreactor.netty:reactor-netty is a TCP/HTTP/UDP client/server with Reactor over Netty. Affected versions of this package are vulnerable to Information Exposure. It may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects. How to fix Information Exposure? Upgrade |
[0.9.0.RELEASE,0.9.5.RELEASE)
[0.8.0.RELEASE,0.8.16.RELEASE)
|