Vulnerabilities > Jetbrains > Intellij Idea

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-11690 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
network
low complexity
jetbrains
7.5
2020-01-31 CVE-2020-7914 Information Exposure vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network.
network
low complexity
jetbrains CWE-200
5.0
2020-01-30 CVE-2020-7905 Information Exposure vulnerability in Jetbrains Intellij Idea
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
network
low complexity
jetbrains CWE-200
5.0
2020-01-30 CVE-2020-7904 Improper Certificate Validation vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
network
jetbrains CWE-295
5.8
2019-10-31 CVE-2019-18361 Unspecified vulnerability in Jetbrains Intellij Idea
JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.
local
low complexity
jetbrains
4.6
2019-10-01 CVE-2019-14954 Missing Encryption of Sensitive Data vulnerability in Jetbrains Intellij Idea
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
network
jetbrains CWE-311
4.3
2019-07-03 CVE-2019-9873 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea
In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files.
network
low complexity
jetbrains CWE-312
5.0
2019-07-03 CVE-2019-9872 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files.
network
jetbrains CWE-312
4.3
2019-07-03 CVE-2019-9823 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files.
network
low complexity
jetbrains CWE-312
5.0
2019-07-03 CVE-2019-9186 Improper Input Validation vulnerability in Jetbrains Intellij Idea
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface).
network
low complexity
jetbrains CWE-20
7.5