19 results (0.014 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-524: Use of Cache Containing Sensitive Information •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.5 server certificates were not verified En JetBrains Ktor anterior a 2.3.5, los certificados de servidor no se verificaban • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-295: Improper Certificate Validation •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE En JetBrains Ktor anterior a 2.3.5, la configuración predeterminada de ContentNegotiation con formato XML era vulnerable a XXE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •