Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains ktor vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-12737
UserHashedTableAuth in JetBrains Ktor framework prior to 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials.
Jetbrains Ktor 1.2.0
Jetbrains Ktor
605
VMScore
CVE-2019-10102
JetBrains Ktor framework (created using the Kotlin IDE template) versions prior to 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30.
Jetbrains Kotlin
Jetbrains Ktor
312
VMScore
CVE-2019-19389
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting.
Jetbrains Ktor
668
VMScore
CVE-2019-12736
JetBrains Ktor framework prior to 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection.
Jetbrains Ktor
NA
CVE-2022-38179
JetBrains Ktor prior to 2.1.0 was vulnerable to the Reflect File Download attack
Jetbrains Ktor
570
VMScore
CVE-2020-26129
In JetBrains Ktor prior to 1.4.1, HTTP request smuggling was possible.
Jetbrains Ktor
NA
CVE-2022-38180
In JetBrains Ktor prior to 2.1.0 the wrong authentication provider could be selected in some cases
Jetbrains Ktor
445
VMScore
CVE-2020-5207
In Ktor prior to 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.
Jetbrains Ktor
NA
CVE-2023-34339
In JetBrains Ktor prior to 2.3.1 headers containing authentication data could be added to the exception's message
Jetbrains Ktor
445
VMScore
CVE-2021-25761
In JetBrains Ktor prior to 1.5.0, a birthday attack on SessionStorage key was possible.
Jetbrains Ktor
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »