Lucene search
+L

201 matches found

Prion
Prion
added 2022/08/12 10:15 a.m.20 views

Design/Logic Flaw

JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...

5.8CVSS6.2AI score0.00415EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/08/12 9:55 a.m.21 views

CVE-2022-38180

In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...

5.3CVSS6.6AI score0.00631EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/08/12 9:55 a.m.30 views

CVE-2022-38180

In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...

5.3CVSS6.7AI score0.00631EPSS
Exploits0References2
CVE
CVE
added 2022/08/12 9:55 a.m.86 views

CVE-2022-38180

CVE-2022-38180 affects JetBrains Ktor prior to 2.1.0. The issue is a misselection of the authentication provider in some cases, due to the wrong provider being chosen. The CVSS metrics indicate a High confidentiality impact with no integrity/availability impact, and there is a network attack vect...

6.5CVSS6.5AI score0.00631EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/08/12 9:55 a.m.22 views

CVE-2022-38179

JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...

4.7CVSS6.3AI score0.00415EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/08/12 9:55 a.m.39 views

CVE-2022-38179

JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...

4.7CVSS6.4AI score0.00415EPSS
Exploits0References2
CVE
CVE
added 2022/08/12 9:55 a.m.106 views

CVE-2022-38179

JetBrains Ktor prior to 2.1.0 is affected by a Reflect File Download (RFD) vulnerability. The issue stems from improper encoding of the Content-Disposition filename parameter, enabling an attacker to trigger untrusted file downloads. Multiple sources confirm the affected product/version and descr...

6.1CVSS6.2AI score0.00415EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/08/12 12:0 a.m.4 views

JetBrains Ktor framework 授权问题漏洞

JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor framework versions prior to 2.1.0, which stems from the possibility that a user may select the wrong authentication under certain circumstances...

6.5CVSS6.5AI score0.00631EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/12 12:0 a.m.5 views

JetBrains Ktor framework 安全漏洞

JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor framework versions prior to 2.1.0, which stems from vulnerability to reflected file download attacks...

6.1CVSS6.2AI score0.00415EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/12 12:0 a.m.9 views

PT-2022-24259 · Jetbrains · Jetbrains Ktor

Name of the Vulnerable Software and Affected Versions: JetBrains Ktor versions prior to 2.1.0 Description: The issue concerns a Reflect File Download attack. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...

6.1CVSS6.1AI score0.00415EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2022/05/12 9:15 a.m.3 views

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

8.7CVSS5.9AI score0.0083EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/05/12 9:15 a.m.29 views

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

8.7CVSS0.0083EPSS
Exploits0References2
Prion
Prion
added 2022/05/12 9:15 a.m.20 views

Design/Logic Flaw

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

4CVSS5.1AI score0.0083EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/05/12 8:35 a.m.29 views

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

8.7CVSS8.8AI score0.0083EPSS
Exploits0References2
CVE
CVE
added 2022/05/12 8:35 a.m.95 views

CVE-2022-29930

CVE-2022-29930 affects JetBrains Ktor Native 2.0.0, where the SHA1 implementation returned the same value due to a faulty hashing function. The issue has been fixed in Ktor 2.0.1. Public references from NVD/Red Hat OSV and related sources corroborate the fix version and the affected component. If...

8.7CVSS5.1AI score0.0083EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/05/12 8:35 a.m.21 views

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

8.7CVSS6.8AI score0.0083EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.5 views

JetBrains Ktor Native 安全特征问题特征问题漏洞

JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, and more from the Czech company JetBrains. A security signature issue vulnerability exists in JetBrains Ktor Native versions prior to 2.0.1, which stems from the fact that SHA1 can return the same val...

8.7CVSS5.3AI score0.0083EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.11 views

PT-2022-19914 · Jetbrains · Jetbrains Ktor Native

Name of the Vulnerable Software and Affected Versions: JetBrains Ktor Native version 2.0.0 Description: The SHA1 implementation was returning the same value, indicating a potential issue with the hashing function. This issue was resolved in a later version. Recommendations: For version 2.0.0,...

8.7CVSS5AI score0.0083EPSS
Exploits0References6
CNVD
CNVD
added 2022/05/10 12:0 a.m.62 views

JetBrains Ktor Native Security Feature Issue Vulnerability

JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, etc. JetBrains Ktor Native versions prior to 2.0.0 are vulnerable to a security feature that stems from the fact that random values used for random number generation are not implemented using...

4CVSS1.9AI score0.00596EPSS
Exploits0References1
NVD
NVD
added 2022/04/11 7:15 p.m.28 views

CVE-2022-29035

In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations...

4CVSS0.00596EPSS
Exploits0References2
Rows per page
Query Builder