Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains ktor vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-45612
In JetBrains Ktor prior to 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Jetbrains Ktor
9.1
CVSSv3
CVE-2023-45613
In JetBrains Ktor prior to 2.3.5 server certificates were not verified
Jetbrains Ktor
3.3
CVSSv3
CVE-2023-34339
In JetBrains Ktor prior to 2.3.1 headers containing authentication data could be added to the exception's message
Jetbrains Ktor
7.5
CVSSv3
CVE-2022-48476
In JetBrains Ktor prior to 2.3.0 path traversal in the `resolveResource` method was possible
Jetbrains Ktor
6.1
CVSSv3
CVE-2022-38179
JetBrains Ktor prior to 2.1.0 was vulnerable to the Reflect File Download attack
Jetbrains Ktor
6.5
CVSSv3
CVE-2022-38180
In JetBrains Ktor prior to 2.1.0 the wrong authentication provider could be selected in some cases
Jetbrains Ktor
4.9
CVSSv3
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.
Jetbrains Ktor 2.0.0
2.7
CVSSv3
CVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
Jetbrains Ktor
7.5
CVSSv3
CVE-2021-43203
In JetBrains Ktor prior to 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
Jetbrains Ktor
5.3
CVSSv3
CVE-2021-25761
In JetBrains Ktor prior to 1.5.0, a birthday attack on SessionStorage key was possible.
Jetbrains Ktor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »