[Kotlin]: Add support for Ktor framework

Question

[Kotlin]: Add support for Ktor framework

am0o0 opened this issue a year ago · 2 comments

am0o0 commented a year ago

Query PR

github/codeql#14959

Language

Java

CVE(s) ID list

WIP

CWE

No response

Report

I tried to support the whole framework both the client side and server side.
the scope of SSRF, user-controllable sources, XSS, Unsafe LDAP, and Sensitive APIs (hard coded secret) has been extended by this submission, this is the biggest and most used web framework written in Kotlin, and I hope it is a useful extension for all.

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

Yes
No

Blog post link

No response

Answer 1 · 2024-06-28T17:12:28.000Z

Closing upon request from @am0o0

Answer 2 · 2024-06-28T17:13:04.000Z

Your submission is now in status Closed.

For information, the evaluation workflow is the following:
Initial triage > Test run > Results analysis > Query review > Final decision > Pay > Closed