CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.7 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
JetBrainsCNA
8.7 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
jetbrainsktor
2.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/ktorio/ktor/pull/2966
https://www.jetbrains.com/privacy-security/issues-fixed/
https://github.com/ktorio/ktor/pull/2966
https://www.jetbrains.com/privacy-security/issues-fixed/