{"id":"CVE-2020-5403","details":"Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response.","aliases":["GHSA-hp5x-rqf7-43vf"],"modified":"2026-04-10T04:27:39.172484Z","published":"2020-03-03T19:15:15.210Z","references":[{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2020-5403"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/reactor/reactor-netty","events":[{"introduced":"0"},{"last_affected":"e0fa2a8c09f35042efc75a90c10827540b2f57d9"},{"introduced":"0"},{"last_affected":"dc25636204478373d3eec074f3499e76187d72cd"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.9.3"},{"introduced":"0"},{"last_affected":"0.9.4"}]}}],"versions":["0.8.0.M2","v0.5.1.RELEASE","v0.5.2.RELEASE","v0.6.0.RELEASE","v0.6.1.RELEASE","v0.6.2.RELEASE","v0.6.3.RELEASE","v0.6.4.RELEASE","v0.7.0.M1","v0.7.0.M2","v0.7.0.RC1","v0.7.0.RELEASE","v0.7.1.RELEASE","v0.7.2.RELEASE","v0.7.3.RELEASE","v0.7.4.RELEASE","v0.7.5.RELEASE","v0.7.6.RELEASE","v0.7.7.RELEASE","v0.8.0.M1","v0.8.0.M3","v0.8.0.RELEASE","v0.8.1.RELEASE","v0.8.2.RELEASE","v0.8.3.RELEASE","v0.8.4.RELEASE","v0.8.5.RELEASE","v0.9.0.M1","v0.9.0.M2","v0.9.0.M3","v0.9.0.RC1","v0.9.0.RELEASE","v0.9.1.RELEASE","v0.9.2.RELEASE","v0.9.3.RELEASE","v0.9.4.RELEASE"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5403.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}