Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2022-10-19T00:00:00
Updated: 2024-08-03T07:26:01.025Z
Reserved: 2022-05-25T00:00:00
Link: CVE-2022-31684
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-19T22:15:10.237
Modified: 2024-11-21T07:05:07.500
Link: CVE-2022-31684
Redhat