Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2022-29930 Use of Insufficiently Random Values vulnerability in Jetbrains Ktor 2.0.0
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value.
network
low complexity
jetbrains CWE-330
4.9
2022-04-28 CVE-2022-29811 Cross-site Scripting vulnerability in Jetbrains HUB
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.
network
low complexity
jetbrains CWE-79
4.8
2022-04-28 CVE-2022-29812 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient
local
low complexity
jetbrains
2.3
2022-04-28 CVE-2022-29813 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
local
low complexity
jetbrains CWE-94
6.7
2022-04-28 CVE-2022-29814 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
local
low complexity
jetbrains CWE-94
7.7
2022-04-28 CVE-2022-29815 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
local
low complexity
jetbrains CWE-94
6.7
2022-04-28 CVE-2022-29816 Cross-site Scripting vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible
local
low complexity
jetbrains CWE-79
3.2
2022-04-28 CVE-2022-29817 Cross-site Scripting vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible
network
low complexity
jetbrains CWE-79
6.1
2022-04-28 CVE-2022-29818 Origin Validation Error vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
local
low complexity
jetbrains CWE-346
7.1
2022-04-28 CVE-2022-29819 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible
local
low complexity
jetbrains CWE-94
7.7