In Reactor Netty HTTP Server, versions 1.1.x before 1.1.13 and versions 1.0.x before 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured to serve static resources.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pivotal reactor netty |