Main Vulnerability Database Vulnerabilities #VU60367

Security features bypass in Kotlin - CVE-2022-24329

Published: February 8, 2022

Vulnerability identifier: #VU60367

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-24329

CWE-ID: CWE-254

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: JetBrains s.r.o.

Affected software:
Kotlin

Detailed vulnerability description

The vulnerability allows a remote user to bypass certain security restrictions.

The vulnerability exists due to unspecified error, related to the ability to lock dependencies for Kotlin Multiplatform Gradle projects.

Install updates from vendor's website.