Описание
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
Ссылки
- Vendor Advisory
- Vendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Vendor Advisory
- Vendor Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for ...
Incorrect Default Permissions in JetBrains Kotlin
Уязвимость интерпретатора языка программирования JetBrains Kotlin, связанная с неправильными настройками прав доступа по умолчанию, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
5.3 Medium
CVSS3
5 Medium
CVSS2