📦 Ktor

This vulnerability in JetBrains Ktor's ContentNegotiation feature with XML format allows attackers to perform XML External Entity (XXE) attacks, potentially leading to sensitive data disclosure, serve...

This CVE describes a critical vulnerability in JetBrains Ktor Native 2.0.0 where the SHA1 implementation returned the same hash value for all inputs, completely breaking cryptographic integrity. This ...

This vulnerability in JetBrains Ktor allows improper nonce verification during OAuth2 authentication, potentially enabling attackers to bypass authentication or perform session hijacking. It affects a...

CVE-2025-29904 is an HTTP request smuggling vulnerability in JetBrains Ktor framework versions before 3.1.1. This allows attackers to bypass security controls, poison caches, or hijack user sessions b...

The CVE-2024-49580 vulnerability in JetBrains Ktor's HttpCache Plugin involves improper caching that could allow unauthorized disclosure of cached HTTP responses. This affects applications using Ktor ...