Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

reactor_netty

Source -

ADP

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
1Vulnerabilities found
CVE-2023-34062
Assigner-VMware by Broadcom
ShareView Details
Assigner-VMware by Broadcom
CVSS Score-7.5||HIGH
EPSS-1.59% / 80.89%
||
7 Day CHG~0.00%
Published-15 Nov, 2023 | 09:46
Updated-29 Aug, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured to serve static resources.

Action-Not Available
Vendor-n/areactor_nettyVMware (Broadcom Inc.)
Product-reactor_nettyReactor Nettyreactor_netty
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')