Vulnerabilities > Jetbrains > Intellij Idea > 13.1.4

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-24940 Path Traversal vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
network
low complexity
jetbrains CWE-22
4.3
2024-02-06 CVE-2024-24941 Improper Input Validation vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
network
low complexity
jetbrains CWE-20
5.3
2023-12-21 CVE-2023-51655 Insufficient Verification of Data Authenticity vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration
network
low complexity
jetbrains CWE-345
critical
9.8
2023-07-26 CVE-2023-39261 Execution with Unnecessary Privileges vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions
local
low complexity
jetbrains CWE-250
7.8
2023-07-12 CVE-2023-38069 Improper Check for Unusual or Exceptional Conditions vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases
local
low complexity
jetbrains CWE-754
3.3
2022-12-08 CVE-2022-46824 Classic Buffer Overflow vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.
local
low complexity
jetbrains CWE-120
7.8
2022-12-08 CVE-2022-46825 Inadequate Encryption Strength vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects.
local
low complexity
jetbrains CWE-326
3.3
2022-12-08 CVE-2022-46826 Path Traversal vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability.
local
low complexity
jetbrains CWE-22
5.5
2022-12-08 CVE-2022-46827 XXE vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
local
low complexity
jetbrains CWE-611
5.5
2022-12-08 CVE-2022-46828 Unrestricted Upload of File with Dangerous Type vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
local
low complexity
jetbrains CWE-434
7.8