CVE-2020-29582

NameCVE-2020-29582
DescriptionIn JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1001037

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
kotlin (PTS)sid, trixie, bookworm1.3.31+ds1-1undetermined

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
kotlinsource(unstable)undetermined1001037

Notes

https://youtrack.jetbrains.com/issue/KT-42181 (not public)
Search for package or bug name: Reporting problems