CVE-2020-29582

Name of the Vulnerable Software and Affected Versions JetBrains Kotlin versions prior to 1.4.21

Description The issue is related to the use of a vulnerable Java API for temporary file and folder creation in JetBrains Kotlin, resulting in insecure permissions. This allows an attacker to read data from such files and list directories. The vulnerability is associated with incorrect default permission settings, which can be exploited by a remote attacker to disclose protected information.

Recommendations For versions prior to 1.4.21, update to version 1.4.21 or later to resolve the issue. As a temporary workaround, consider restricting access to temporary files and folders created by the vulnerable Java API to minimize the risk of exploitation.