201 matches found
Design/Logic Flaw
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...
CVE-2022-38180
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...
CVE-2022-38180
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases...
CVE-2022-38180
CVE-2022-38180 affects JetBrains Ktor prior to 2.1.0. The issue is a misselection of the authentication provider in some cases, due to the wrong provider being chosen. The CVSS metrics indicate a High confidentiality impact with no integrity/availability impact, and there is a network attack vect...
CVE-2022-38179
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...
CVE-2022-38179
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack...
CVE-2022-38179
JetBrains Ktor prior to 2.1.0 is affected by a Reflect File Download (RFD) vulnerability. The issue stems from improper encoding of the Content-Disposition filename parameter, enabling an attacker to trigger untrusted file downloads. Multiple sources confirm the affected product/version and descr...
JetBrains Ktor framework 授权问题漏洞
JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor framework versions prior to 2.1.0, which stems from the possibility that a user may select the wrong authentication under certain circumstances...
JetBrains Ktor framework 安全漏洞
JetBrains Ktor framework is a web application framework from the Czech company JetBrains. A security vulnerability exists in JetBrains Ktor framework versions prior to 2.1.0, which stems from vulnerability to reflected file download attacks...
PT-2022-24259 · Jetbrains · Jetbrains Ktor
Name of the Vulnerable Software and Affected Versions: JetBrains Ktor versions prior to 2.1.0 Description: The issue concerns a Reflect File Download attack. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...
Design/Logic Flaw
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...
CVE-2022-29930
CVE-2022-29930 affects JetBrains Ktor Native 2.0.0, where the SHA1 implementation returned the same value due to a faulty hashing function. The issue has been fixed in Ktor 2.0.1. Public references from NVD/Red Hat OSV and related sources corroborate the fix version and the affected component. If...
CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...
JetBrains Ktor Native 安全特征问题特征问题漏洞
JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, and more from the Czech company JetBrains. A security signature issue vulnerability exists in JetBrains Ktor Native versions prior to 2.0.1, which stems from the fact that SHA1 can return the same val...
PT-2022-19914 · Jetbrains · Jetbrains Ktor Native
Name of the Vulnerable Software and Affected Versions: JetBrains Ktor Native version 2.0.0 Description: The SHA1 implementation was returning the same value, indicating a potential issue with the hashing function. This issue was resolved in a later version. Recommendations: For version 2.0.0,...
JetBrains Ktor Native Security Feature Issue Vulnerability
JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, etc. JetBrains Ktor Native versions prior to 2.0.0 are vulnerable to a security feature that stems from the fact that random values used for random number generation are not implemented using...
CVE-2022-29035
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations...