Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Filtered by product Kotlin

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10102 1 Jetbrains 2 Kotlin, Ktor 2023-08-18 6.8 MEDIUM 8.1 HIGH
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30.
CVE-2019-10101 1 Jetbrains 1 Kotlin 2023-08-18 6.8 MEDIUM 8.1 HIGH
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
CVE-2019-10103 1 Jetbrains 1 Kotlin 2023-08-18 6.8 MEDIUM 8.1 HIGH
JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101.
CVE-2022-24329 2 Jetbrains, Oracle 2 Kotlin, Communications Pricing Design Center 2022-07-25 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
CVE-2020-29582 2 Jetbrains, Oracle 4 Kotlin, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 1 more 2022-05-12 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2020-15824 1 Jetbrains 1 Kotlin 2022-02-07 6.5 MEDIUM 8.8 HIGH
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.