Lucene search

Ktor Security Vulnerabilities - 2023

cve

In JetBrains Ktor before 2.3.0 path traversal in the resolveResource method was possible

7.5CVSS

7.5AI Score

0.001EPSS

2023-04-24 01:15 PM

cve

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message

3.3CVSS

4.2AI Score

0.0004EPSS

2023-06-01 07:15 PM

cve

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE

9.8CVSS

9.4AI Score

0.001EPSS

2023-10-09 11:15 AM

cve

In JetBrains Ktor before 2.3.5 server certificates were not verified

9.1CVSS

9.2AI Score

0.001EPSS

2023-10-09 11:15 AM