CVE-2020-15824

In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
Configurations

Configuration 1

cpe:2.3:a:jetbrains:kotlin:1.4.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:jetbrains:kotlin:1.4.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:jetbrains:kotlin:1.4.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:jetbrains:kotlin:1.4.0:rc:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_extensibility_workbench:14.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_extensibility_workbench:14.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_extensibility_workbench:14.5:*:*:*:*:*:*:*

Information

Published : 2020-08-08 09:15

Updated : 2022-03-03 05:45


NVD link : CVE-2020-15824

Mitre link : CVE-2020-15824

Products Affected
No products.
CWE