CVE-2025-29904 — HTTP Request Smuggling in Ktor

Severity

5.3MEDIUMNVD

EPSS

0.0%

top 99.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 12

Description

In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

▶CVEListV5jetbrains/ktor< 3.1.1

GHSA

GHSA-cqw7-466v-f9g6: In JetBrains Ktor before 3↗2025-03-12

▶

CVEList

CVE-2025-29904: In JetBrains Ktor before 3↗2025-03-12

▶