Vulnerabilities > Jetbrains > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-28 | CVE-2022-48481 | Unspecified vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | 7.8 |
| 2023-04-24 | CVE-2022-48476 | Path Traversal vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | 7.5 |
| 2023-03-29 | CVE-2022-48430 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview. | 7.5 |
| 2023-03-29 | CVE-2022-48431 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation. | 7.8 |
| 2023-03-29 | CVE-2022-48432 | Insecure Default Initialization of Resource vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. | 8.8 |
| 2023-03-29 | CVE-2022-48433 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server. | 7.5 |
| 2022-12-22 | CVE-2022-47895 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files. | 7.5 |
| 2022-12-22 | CVE-2022-47896 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. | 7.8 |
| 2022-12-08 | CVE-2022-46824 | Classic Buffer Overflow vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible. | 7.8 |
| 2022-12-08 | CVE-2022-46828 | Unrestricted Upload of File with Dangerous Type vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible. | 7.8 |