In JetBrains Ktor before 2.3.1 headers containing authentication data could be added to the exception's message. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
Information Disclosure
Ktor
NVD
CVSS 3.1
3.3
EPSS
0.2%
In Splunk Enterprise versions below 9.1.0.2, 9.0.5.1, and 8.2.11.2, an attacker can inject American National Standards Institute (ANSI) escape codes into Splunk log files that, when a vulnerable. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Splunk
RCE
NVD
CVSS 3.1
3.1
EPSS
0.3%