Jetbrains: >> Intellij Idea >> 12.1.3 Security Vulnerabilities
In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-25
In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-02-25
In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-05-11
In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-05-11
In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-05-11
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-02-03
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-02-03
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
CVSS Score
9.8
EPSS Score
0.0
Published
2020-04-22
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-01-31