Search CVE reports
1 – 10 of 11 results
CVE-2020-11690
Medium priorityIn JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
1 affected package
intellij-community-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2020-7914
Medium priorityIn JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2020-7905
Medium priorityPorts listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2020-7904
Medium priorityIn JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-18361
Medium priorityJetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-14954
Medium priorityJetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-10103
Low priorityJetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin...
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-9873
Medium priorityIn several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. The issue has been fixed in the...
1 affected package
intellij-community-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2019-9823
Medium priorityIn several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. The issue has been fixed in...
1 affected package
intellij-community-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
CVE-2019-9186
Medium priorityIn several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces...
1 affected package
intellij-community-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |