Main Vulnerability Database Vulnerabilities #VU60367

#VU60367 Security features bypass in Kotlin - CVE-2022-24329

Published: February 8, 2022

Vulnerability identifier: #VU60367

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-24329

CWE-ID: CWE-254

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Kotlin

Software vendor:
JetBrains s.r.o.

Description

The vulnerability allows a remote user to bypass certain security restrictions.

The vulnerability exists due to unspecified error, related to the ability to lock dependencies for Kotlin Multiplatform Gradle projects.

Install updates from vendor's website.