Kotlin Security Vulnerabilities and Issues — Kotlin CVE List

Lucene search

JetbrainsKotlin

4 matches found

CVE•added 2019/07/03 8:15 p.m.•264 views

CVE-2019-10101

JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.

8.1CVSS7.9AI score0.00012EPSS

Web

CVE•added 2019/07/03 8:15 p.m.•260 views

CVE-2019-10103

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101.

8.1CVSS7.8AI score0.00012EPSS

Web

CVE•added 2019/07/03 8:15 p.m.•255 views

CVE-2019-10102

JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30.

8.1CVSS7.9AI score0.00003EPSS

CVE•added 2020/08/08 9:15 p.m.•142 views

CVE-2020-15824

In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.

8.8CVSS8.6AI score0.00026EPSS