CVE-2021-25763 — Use of a Broken or Risky Cryptographic Algorithm in Ktor

Severity

5.3MEDIUMNVD

EPSS

0.0%

top 99.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedFeb 3

Latest updateMay 24

Description

In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

GHSA

GHSA-7m4m-xwpv-qmvh: In JetBrains Ktor before 1↗2022-05-24

▶

CVEList

CVE-2021-25763: In JetBrains Ktor before 1↗2021-02-03

▶