Vulnerabilities > Jetbrains > Intellij Idea > 14.1.4

DATE CVE VULNERABILITY TITLE RISK
2022-04-28 CVE-2022-29812 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient
local
low complexity
jetbrains
2.1
2.1
2022-04-28 CVE-2022-29813 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
local
low complexity
jetbrains CWE-94
4.6
4.6
2022-04-28 CVE-2022-29814 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible 		4.4
4.4
2022-04-28 CVE-2022-29815 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
local
low complexity
jetbrains CWE-94
4.6
4.6
2022-04-28 CVE-2022-29816 Cross-site Scripting vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible
local
low complexity
jetbrains CWE-79
3.2
3.2
2022-04-28 CVE-2022-29817 Cross-site Scripting vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible
network
jetbrains CWE-79
4.3
4.3
2022-04-28 CVE-2022-29818 Origin Validation Error vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
local
low complexity
jetbrains CWE-346
3.6
3.6
2022-04-28 CVE-2022-29819 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible 		4.4
4.4
2022-04-05 CVE-2022-28651 Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
local
low complexity
jetbrains CWE-522
2.1
2.1
2022-02-25 CVE-2022-24345 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible.
local
low complexity
jetbrains
4.6
4.6