Privilege Escalation Vulnerability in JetBrains Kotlin
CVE-2020-15824

8.8HIGH

Key Information:

Vendor

Jetbrains
Status
Kotlin
Vendor
CVE Published:
8 August 2020

What is CVE-2020-15824?

In JetBrains Kotlin, versions ranging from 1.4-M1 to 1.4-RC have a vulnerability that allows privilege escalation due to cached scripts being stored in the system's temporary directory. This directory is accessible by all users by default, potentially exposing sensitive functionalities. This issue does not affect Kotlin version 1.3.7x, and it has been resolved in version 1.4.0.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://lists.apache.org/thread.html/ra12c3e23b021f259a20...
mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/ra12c3e23b021f259a20...
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2020/12/06/1
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.