137 matches found
CVE-2023-45613
In JetBrains Ktor before 2.3.5 server certificates were not verified...
CVE-2022-38179
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...
CVE-2022-38180
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...
CVE-2023-45612
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE...
Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor
CVE-2023-45612 PoC This repository contains a proof of concep...
Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor
ktor-xxe This project was created using the Ktor Project Gen...
Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor
ktor-xxe-poc This is a proof-of-concept reproducing the secur...
EUVD-2019-4325
Malware in sbrugna...
EUVD-2023-49905
Malicious code in bioql PyPI...
Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor
CVE-2023-45612 - https://nvd.nist.gov/vuln/detail/CVE-2023-456...
CVE-2024-49580
In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure...
CVE-2023-34339
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message...
CVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations...
CVE-2021-43203
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly...
CVE-2021-25761
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible...
CVE-2021-25763
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default...
CVE-2021-25762
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible...
CVE-2020-26129
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible...
CVE-2019-19389
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting...
CVE-2019-12737
UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials...