Generation of Error Message Containing Sensitive Information
CVE-2023-34339
Summary
In JetBrains Ktor versions prior to 2.3.1 headers containing authentication data could be added to the exception's message.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- LOW
- NONE
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
References
Advisory Timeline
- Published
