GoLand
by Jetbrains
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-45977 | Cri | 0.64 | 9.8 | 0.01 | Feb 25, 2022 | JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm… | ||
| CVE-2024-37051 | Cri | 0.61 | 9.3 | 0.04 | Jun 10, 2024 | GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3,… | ||
| CVE-2020-11685 | Hig | 0.49 | 7.5 | 0.01 | Apr 22, 2020 | In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. | ||
| CVE-2025-29932 | Med | 0.27 | 4.1 | 0.00 | Mar 25, 2025 | In JetBrains GoLand before 2025.1 an XXE during debugging was possible | ||
| CVE-2026-53915 | 0.00 | — | 0.00 | Jun 19, 2026 | In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration |
- risk 0.64cvss 9.8epss 0.01
JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm…
- risk 0.61cvss 9.3epss 0.04
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3,…
- risk 0.49cvss 7.5epss 0.01
In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.
- risk 0.27cvss 4.1epss 0.00
In JetBrains GoLand before 2025.1 an XXE during debugging was possible
- CVE-2026-53915Jun 19, 2026risk 0.00cvss —epss 0.00
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration