CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49580
https://notcve.org/view.php?id=CVE-2024-49580
In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-524: Use of Cache Containing Sensitive Information •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45613
https://notcve.org/view.php?id=CVE-2023-45613
In JetBrains Ktor before 2.3.5 server certificates were not verified En JetBrains Ktor anterior a 2.3.5, los certificados de servidor no se verificaban • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45612
https://notcve.org/view.php?id=CVE-2023-45612
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE En JetBrains Ktor anterior a 2.3.5, la configuración predeterminada de ContentNegotiation con formato XML era vulnerable a XXE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-34339
https://notcve.org/view.php?id=CVE-2023-34339
In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-48476
https://notcve.org/view.php?id=CVE-2022-48476
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •