Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreCVE Reports Published for Reactor Netty
The following CVE reports were published today:
- CVE-2020-5403 affecting Reactor Netty
HttpServer0.9.3 and 0.9.4. - CVE-2020-5404 affecting Reactor Netty
HttpClientfor all 0.8.x and 0.9.x versions in applications where the automatic following of redirects is explicitly enabled.
The fixes are in Reactor Netty 0.9.5 and 0.8.16. If using the reactor-bom, you can upgrade to Dysprosium-SR5 or Californium-SR16.
Reactor Netty is used internally in many frameworks including Spring WebFlux and its WebClient. If you have a Spring Boot application, you can upgrade to Spring Boot 2.2.5 or 2.1.13.
Get support
Tanzu Spring offers support and binaries for OpenJDK™, Spring, and Apache Tomcat® in one simple subscription.
Learn moreUpcoming events
Check out all the upcoming events in the Spring community.
View all