Security Bulletin: Due to the use of JetBrains Kotlin, IBM webMethods BPM is vulnerable to the use of Java API for temporary file and folder creation

Summary IBM webMethods BPM uses JetBrains Kotlin which is vulnerable to the use of Java API for temporary file and folder creation. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An...

EUVD-2019-2144

Malware in sbrugna...

EUVD-2020-7806

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-15824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In JetBrains Kotlin from 1.4-M1 to 1.4-RC as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0 there is a script-cache privilege escalation...

com.aerospike:aerospike-proxy-stub (=1.1.0), com.android.designcompose:common (>=0.28.0 <=0.29.0-rc01) +11 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin (>=4.26.0 <=4.27.2)

com.google.protobuf:protobuf-kotlin MAVEN version =4.26.0, =0.28.0, =0.6.0, =0.5.9, =0.6.0, =0.2.2, =0.2.2, =0.3.0, =0.5.0 Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...

com.jamshedalamqaderi.ktransport:generate-proto (>=0.0.1-dev-17 <=1.0.6), com.wavesenterprise:we-contract-sdk-grpc (>=1.0.0 <=1.2.0) +7 more potentially affected by CVE-2022-3171 via com.google.protobuf:protobuf-kotlin (=3.20.1)

com.google.protobuf:protobuf-kotlin MAVEN version =3.20.1 is affected by a known vulnerability. The following packages have a transitive dependency on com.google.protobuf:protobuf-kotlin and may be impacted: - com.jamshedalamqaderi.ktransport:generate-proto =0.0.1-dev-17, =1.0.0, =0.2.0, =0.2.0,...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Kotlin

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Kotlin. Vulnerability Details CVEID: CVE-2020-29582 DESCRIPTION: JetBrains Kotlin could allow a local authenticated attacker to obtain sensitive information, caused by an insecure permission flaw when creatin...

CVE-2020-15824

In JetBrains Kotlin from 1.4-M1 to 1.4-RC as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0 there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default...

UBUNTU-CVE-2020-15824

In JetBrains Kotlin from 1.4-M1 to 1.4-RC as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0 there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default...

JetBrains Kotlin Man-in-the-Middle Attack Vulnerability

JetBrains Kotlin is a statically typed programming language from the Czech company JetBrains that runs on the Java Virtual Machine. A man-in-the-middle attack vulnerability exists in JetBrains Kotlin versions prior to 1.3.30. An attacker could exploit this vulnerability to conduct a...

PT-2019-11466 · Jetbrains · Kotlin

Name of the Vulnerable Software and Affected Versions: JetBrains Kotlin versions prior to 1.3.30 Description: The issue allows for a potential MITM attack due to the resolution of artifacts using an http connection during the build process. Recommendations: For versions prior to 1.3.30, update to...