VYPR

Intellij Idea

by Jetbrains

CVEs (62)

  • CVE-2022-48432Mar 29, 2023
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.

  • CVE-2022-48431Mar 29, 2023
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation.

  • CVE-2022-48430Mar 29, 2023
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.

  • CVE-2022-47896Dec 22, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.

  • CVE-2022-47895Dec 22, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.

  • CVE-2022-46828Dec 8, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.

  • CVE-2022-46827Dec 8, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.

  • CVE-2022-46826Dec 8, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.

  • CVE-2022-46825Dec 8, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.

  • CVE-2022-46824Dec 8, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.

  • CVE-2022-40978Sep 19, 2022
    risk 0.00cvss epss 0.00

    The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking

  • CVE-2022-37010Jul 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed

  • CVE-2022-37009Jul 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible

  • CVE-2022-29819Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible

  • CVE-2022-29818Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed

  • CVE-2022-29817Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible

  • CVE-2022-29816Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible

  • CVE-2022-29815Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible

  • CVE-2022-29814Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible

  • CVE-2022-29813Apr 28, 2022
    risk 0.00cvss epss 0.00

    In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible