Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Intellij_idea
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-06 | CVE-2024-24940 | In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives | Intellij_idea | 4.3 | ||
| 2020-01-30 | CVE-2020-7904 | In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS. | Intellij_idea | 7.4 | ||
| 2020-01-30 | CVE-2020-7905 | Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network. | Intellij_idea | 7.5 | ||
| 2020-01-31 | CVE-2020-7914 | In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3. | Intellij_idea | 7.5 | ||
| 2020-11-16 | CVE-2020-27622 | In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version. | Intellij_idea | 5.3 | ||
| 2021-02-03 | CVE-2021-25756 | In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS. | Intellij_idea | 5.3 | ||
| 2021-02-03 | CVE-2021-25758 | In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution. | Intellij_idea | 7.8 | ||
| 2021-05-11 | CVE-2021-29263 | In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS. | Intellij_idea | 7.8 | ||
| 2021-05-11 | CVE-2021-30006 | In IntelliJ IDEA before 2020.3.3, XXE was possible, leading to information disclosure. | Intellij_idea | 7.5 | ||
| 2021-05-11 | CVE-2021-30504 | In JetBrains IntelliJ IDEA before 2021.1, DoS was possible because of unbounded resource allocation. | Intellij_idea | 7.5 |