Vulnerabilities > Jetbrains > Ktor
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-17 | CVE-2024-49580 | Unspecified vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure | 5.3 |
2023-10-09 | CVE-2023-45612 | XXE vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE | 9.8 |
2023-10-09 | CVE-2023-45613 | Unspecified vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.5 server certificates were not verified | 9.1 |
2023-06-01 | CVE-2023-34339 | Unspecified vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message | 3.3 |
2023-04-24 | CVE-2022-48476 | Path Traversal vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | 7.5 |
2022-08-12 | CVE-2022-38179 | Incorrect Comparison vulnerability in Jetbrains Ktor JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack | 6.1 |
2022-08-12 | CVE-2022-38180 | Improper Authentication vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases | 6.5 |
2022-05-12 | CVE-2022-29930 | Use of Insufficiently Random Values vulnerability in Jetbrains Ktor 2.0.0 SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. | 4.9 |
2022-04-11 | CVE-2022-29035 | Use of Insufficiently Random Values vulnerability in Jetbrains Ktor In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations | 2.7 |
2021-11-09 | CVE-2021-43203 | Improper Authentication vulnerability in Jetbrains Ktor In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. | 7.5 |