In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jetbrains kotlin 1.4.0 |
||
oracle communications cloud native core policy 1.14.0 |
||
oracle banking extensibility workbench 14.2 |
||
oracle banking extensibility workbench 14.3 |
||
oracle banking extensibility workbench 14.5 |