Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured to serve static resources.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
VMware Reactor Netty 路径遍历漏洞
Vulnerability Description
VMware Reactor Netty是美国威睿(VMware)公司的一个提供基于 Netty 框架的非阻塞和背压就绪的 TCP/HTTP/UDP/QUIC 客户端和服务器。 VMware Reactor Netty 1.1.13之前的1.1.x版本和1.0.39之前的1.0.x版本存在安全漏洞,该漏洞源于恶意用户可以使用特制的URL发送请求,从而导致目录遍历攻击。
CVSS Information
N/A
Vulnerability Type
N/A