Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains ktor vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-45612
In JetBrains Ktor prior to 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Jetbrains Ktor
9.1
CVSSv3
CVE-2023-45613
In JetBrains Ktor prior to 2.3.5 server certificates were not verified
Jetbrains Ktor
3.3
CVSSv3
CVE-2023-34339
In JetBrains Ktor prior to 2.3.1 headers containing authentication data could be added to the exception's message
Jetbrains Ktor
7.5
CVSSv3
CVE-2022-48476
In JetBrains Ktor prior to 2.3.0 path traversal in the `resolveResource` method was possible
Jetbrains Ktor
6.1
CVSSv3
CVE-2022-38179
JetBrains Ktor prior to 2.1.0 was vulnerable to the Reflect File Download attack
Jetbrains Ktor
6.5
CVSSv3
CVE-2022-38180
In JetBrains Ktor prior to 2.1.0 the wrong authentication provider could be selected in some cases
Jetbrains Ktor
4.9
CVSSv3
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.
Jetbrains Ktor 2.0.0
2.7
CVSSv3
CVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
Jetbrains Ktor
7.5
CVSSv3
CVE-2021-43203
In JetBrains Ktor prior to 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
Jetbrains Ktor
5.3
CVSSv3
CVE-2021-25762
In JetBrains Ktor prior to 1.4.3, HTTP Request Smuggling was possible.
Jetbrains Ktor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »