CVE-2022-29035 Information
Jun 07, 2022
cve
Description
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren’t using SecureRandom implementations
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Reference
https://github.com/ktorio/ktor/pull/2776 https://www.jetbrains.com/privacy-security/issues-fixed/
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
2.7
Share on: