Vulnerabilities > Jetbrains > Ktor > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-09 | CVE-2023-45613 | Improper Certificate Validation vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.5 server certificates were not verified | 9.1 |
| 2023-10-09 | CVE-2023-45612 | XXE vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE | 9.8 |
| 2019-10-02 | CVE-2019-12736 | Command Injection vulnerability in Jetbrains Ktor JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP protocol, leading to command injection. | 9.8 |