Vulnerabilities > Jetbrains > Ktor > 1.1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-27 | CVE-2020-5207 | HTTP Request Smuggling vulnerability in Jetbrains Ktor In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. | 5.0 |
2019-12-26 | CVE-2019-19389 | Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | 3.5 |
2019-12-10 | CVE-2019-19703 | Open Redirect vulnerability in Jetbrains Ktor In Ktor through 1.2.6, the client resends data from the HTTP Authorization header to a redirect location. | 5.8 |
2019-10-02 | CVE-2019-12737 | Use of Password Hash With Insufficient Computational Effort vulnerability in Jetbrains Ktor UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials. | 5.0 |
2019-10-02 | CVE-2019-12736 | Command Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | 7.5 |