CVE-2025-22227
CVE-2025-22227: Authentication Leak On Redirect With Reactor Netty HTTP Client
In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
VMware · Reactor Netty¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://spring.io/security/cve-2025-22227