Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains intellij idea vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-47895
In JetBrains IntelliJ IDEA prior to 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
Jetbrains Intellij Idea
7.8
CVSSv3
CVE-2022-47896
In JetBrains IntelliJ IDEA prior to 2022.3.1 code Templates were vulnerable to SSTI attacks.
Jetbrains Intellij Idea
5.9
CVSSv3
CVE-2019-14954
JetBrains IntelliJ IDEA prior to 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
Jetbrains Intellij Idea
9.8
CVSSv3
CVE-2019-10104
In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote malicious user to execute code when the configuration is running, because a JMX server listened on all ...
Jetbrains Intellij Idea
9.8
CVSSv3
CVE-2020-11690
In JetBrains IntelliJ IDEA prior to 2020.1, the license server could be resolved to an untrusted host in some cases.
Jetbrains Intellij Idea
7.8
CVSSv3
CVE-2022-24346
In JetBrains IntelliJ IDEA prior to 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible.
Jetbrains Intellij Idea
6.7
CVSSv3
CVE-2022-29813
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via custom Pandoc path was possible
Jetbrains Intellij Idea
3.2
CVSSv3
CVE-2022-29816
In JetBrains IntelliJ IDEA prior to 2022.1 HTML injection into IDE messages was possible
Jetbrains Intellij Idea
7.1
CVSSv3
CVE-2022-29818
In JetBrains IntelliJ IDEA prior to 2022.1 origin checks in the internal web server were flawed
Jetbrains Intellij Idea
7.7
CVSSv3
CVE-2022-29819
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via links in Quick Documentation was possible
Jetbrains Intellij Idea
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »