Vulnerabilities > Jetbrains > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2022-29930 | Use of Insufficiently Random Values vulnerability in Jetbrains Ktor 2.0.0 SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. | 4.9 |
| 2022-04-28 | CVE-2022-29813 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | 4.6 |
| 2022-04-28 | CVE-2022-29814 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | 4.4 |
| 2022-04-28 | CVE-2022-29815 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | 4.6 |
| 2022-04-28 | CVE-2022-29817 | Cross-site Scripting vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | 4.3 |
| 2022-04-28 | CVE-2022-29819 | Code Injection vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible | 4.4 |
| 2022-04-28 | CVE-2022-29821 | Code Injection vulnerability in Jetbrains Pycharm In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible | 4.4 |
| 2022-04-11 | CVE-2022-29035 | Use of Insufficiently Random Values vulnerability in Jetbrains Ktor In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations | 4.0 |
| 2022-02-25 | CVE-2022-25259 | Cross-site Scripting vulnerability in Jetbrains HUB JetBrains Hub before 2021.1.14276 was vulnerable to reflected XSS. | 4.3 |
| 2022-02-25 | CVE-2022-25260 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains HUB JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF). | 6.4 |