Eclipse Foundation · Reactor Netty · CVE-2025-22227
**Name of the Vulnerable Software and Affected Versions**
Reactor Netty HTTP client (affected versions not specified)
**Description**
In specific scenarios involving chained redirects, the Reactor Netty HTTP client is susceptible to credential leakage. This issue occurs when the HTTP client is explicitly configured to follow redirects.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.