CVE-2020-26129 — HTTP Request Smuggling in Ktor

Severity

6.5MEDIUMNVD

EPSS

0.0%

top 99.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 16

Latest updateMay 24

Description

In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

GHSA

GHSA-4hv7-632m-j4jc: In JetBrains Ktor before 1↗2022-05-24

▶

CVEList

CVE-2020-26129: In JetBrains Ktor before 1↗2020-11-16

▶