In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.jetbrains.kotlin:kotlin-stdlib(Maven) | 0 | 1.4.21 | N/A |
CVSS Metrics
