Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains intellij idea vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2022-29814
In JetBrains IntelliJ IDEA prior to 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
Jetbrains Intellij Idea
6.1
CVSSv3
CVE-2022-29817
In JetBrains IntelliJ IDEA prior to 2022.1 reflected XSS via error messages in internal web server was possible
Jetbrains Intellij Idea
7.4
CVSSv3
CVE-2020-7904
In JetBrains IntelliJ IDEA prior to 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2020-7905
Ports listened to by JetBrains IntelliJ IDEA prior to 2019.3 were exposed to the network.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2020-7914
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
Jetbrains Intellij Idea
7.8
CVSSv3
CVE-2022-48431
In JetBrains IntelliJ IDEA prior to 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation.
Jetbrains Intellij Idea
8.8
CVSSv3
CVE-2022-48432
In JetBrains IntelliJ IDEA prior to 2023.1 the bundled version of Chromium wasn't sandboxed.
Jetbrains Intellij Idea
7.5
CVSSv3
CVE-2022-48433
In JetBrains IntelliJ IDEA prior to 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.
Jetbrains Intellij Idea
9.8
CVSSv3
CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote malicious users to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost inter...
Jetbrains Intellij Idea
5.3
CVSSv3
CVE-2020-27622
In JetBrains IntelliJ IDEA prior to 2020.2, the built-in web server could expose information about the IDE version.
Jetbrains Intellij Idea
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »