CVE-2024-49580: In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure

5.3 CVSS

Description

In JetBrains Ktor before 2.3.13 improper caching in HttpCache Plugin could lead to response information disclosure

Classification

CVE ID: CVE-2024-49580

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.3

Affected Products

Vendor: JetBrains

Product: Ktor

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 19.3% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://www.jetbrains.com/privacy-security/issues-fixed/

Timeline