Kotlin Security Vulnerabilities - CVSS Score 5 - 6

CVE-2020-29582

In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.

CVE-2022-24329

In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.