Vulnerabilities > Jetbrains > Intellij Idea > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-06 | CVE-2024-24940 | Path Traversal vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | 4.3 |
2024-02-06 | CVE-2024-24941 | Improper Input Validation vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL | 5.3 |
2022-12-08 | CVE-2022-46826 | Path Traversal vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability. | 5.5 |
2022-12-08 | CVE-2022-46827 | XXE vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible. | 5.5 |
2022-04-28 | CVE-2022-29813 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | 4.6 |
2022-04-28 | CVE-2022-29814 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 4.4 |
2022-04-28 | CVE-2022-29815 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | 4.6 |
2022-04-28 | CVE-2022-29817 | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | 4.3 |
2022-04-28 | CVE-2022-29819 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | 4.4 |
2022-02-25 | CVE-2022-24345 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible. | 4.6 |