Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect

6.1 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.

Affected versions:
Reactor Netty 1.0.0 through 1.0.51; 1.1.0 through 1.1.35; 1.2.0 through 1.2.17; 1.3.0 through 1.3.5.

Basic Information

ID CVE-2026-41715

Source vmware

Published Jun 9, 2026 at 03:48

Affected Product

Vendor Spring

Product Reactor Netty

Version 1.0.0

Affected Versions Spring Reactor Netty 1.0.0
Spring Reactor Netty 1.1.0
Spring Reactor Netty 1.2.0
Spring Reactor Netty 1.3.0

CWE Classification

CWE-522

References

spring.io /security/cve-2026-41715

{
    "lastseen": "",
    "description": "In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.\n\nAffected versions:\nReactor Netty 1.0.0 through 1.0.51; 1.1.0 through 1.1.35; 1.2.0 through 1.2.17; 1.3.0 through 1.3.5.",
    "published": "2026-06-09T03:48:41.439Z",
    "modified": "2026-06-09T03:48:41.439Z",
    "type": "cve",
    "title": "Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect",
    "source": "vmware",
    "references": "https://spring.io/security/cve-2026-41715",
    "id": "CVE-2026-41715",
    "bulletinFamily": "",
    "cwe": [
        "CWE-522"
    ],
    "cvelist": null,
    "sourceData": "Spring Reactor Netty 1.0.0\nSpring Reactor Netty 1.1.0\nSpring Reactor Netty 1.2.0\nSpring Reactor Netty 1.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Reactor Netty",
    "version": "1.0.0",
    "vendor": "Spring",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Reactor Netty HTTP Client Leaks Credentials On Protocol Downgrade Redirect_CVE-2026-41715