SB2022020805 - Security features bypass in Kotlin
Published: February 8, 2022
Security Bulletin ID
SB2022020805
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Security features bypass (CVE-ID: CVE-2022-24329)
CWE-ID: CWE-254 - Security Features
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to bypass certain security restrictions.
The vulnerability exists due to unspecified error, related to the ability to lock dependencies for Kotlin Multiplatform Gradle projects.
Remediation
Install update from vendor's website.