RSS   Vulnerabilities for 'Kotlin'   RSS

2019-07-03
 
CVE-2019-10103

CWE-20
 

 
JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101.

 
 
CVE-2019-10102

CWE-20
 

 
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. This issue was fixed in Kotlin plugin version 1.3.30.

 
 
CVE-2019-10101

CWE-310
 

 
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.

 

 >>> Vendor: Jetbrains 8 Products
Teamcity
Intellij idea
Dotpeek
Resharper ultimate
Youtrack integration
HUB
Youtrack
Kotlin


Copyright 2019, cxsecurity.com

 

Back to Top