CVE Catalog

CVE-2023-34339

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.21%

11th percentile — higher than 11% of all known CVEs

Summary

In JetBrains Ktor versions before 2.3.1, headers containing authentication data could be added to the exception's message.

Risk Assessment

This could lead to the exposure of sensitive authentication information in logs or error messages, increasing the risk of attacks on the system.

Recommendation

It is recommended to upgrade to version 2.3.1 or later to mitigate the risk associated with the exposure of authentication data.

Original NVD description (English source)

In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message

Vulnerability data from NVD (NIST) · CISA KEV · EPSS