JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30.
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HJetbrains Kotlin
APPJetbrains< 1.3.30Jetbrains Ktor
APPJetbrains< 1.1.0
Related vulnerabilities
JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for the LDAP prot...
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to X...
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor v...
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented imp...