Vulnerabilities > Jetbrains > Intellij Idea
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-22 | CVE-2020-11690 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases. | 7.5 |
| 2020-01-31 | CVE-2020-7914 | Information Exposure vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. | 5.0 |
| 2020-01-30 | CVE-2020-7905 | Information Exposure vulnerability in Jetbrains Intellij Idea Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network. | 5.0 |
| 2020-01-30 | CVE-2020-7904 | Improper Certificate Validation vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS. | 5.8 |
| 2019-10-31 | CVE-2019-18361 | Unspecified vulnerability in Jetbrains Intellij Idea JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution. | 4.6 |
| 2019-10-01 | CVE-2019-14954 | Missing Encryption of Sensitive Data vulnerability in Jetbrains Intellij Idea JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection. | 4.3 |
| 2019-07-03 | CVE-2019-9873 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 5.0 |
| 2019-07-03 | CVE-2019-9872 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 4.3 |
| 2019-07-03 | CVE-2019-9823 | Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. | 5.0 |
| 2019-07-03 | CVE-2019-9186 | Improper Input Validation vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). | 7.5 |