CVE-2020-29582:
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2022-24329:
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
CVE-2020-29582:
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2022-24329:
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
CVE-2020-29582:
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2022-24329:
In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
Lintian reports
30 warnings
about this package. You should make the package lintian clean getting rid of them.
debian/patches: 55 patches to forward upstream
low
Among the 67 debian patches
available in version 1.3.31+ds1-1 of the package,
we noticed the following issues:
55 patches
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
![[bug history graph]](https://qa.debian.org/data/bts/graphs/k/kotlin.png){kind=link}