Search CVE reports
1 – 10 of 25 results
unity-cli is a command line utility for the Unity Game Engine. Prior to 1.8.2 , the sign-package command in @rage-against-the-pixel/unity-cli logs sensitive credentials in plaintext when the --verbose flag is used. Command-line...
1 affected package
unity
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unity | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 2 of 5
The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and...
1 affected package
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — |
Some fixes available 2 of 5
The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in...
1 affected package
unity-firefox-extension
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unity-firefox-extension | — | — | — | — |
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed...
1 affected package
unity8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| unity8 | — | — | — | Not in release |
In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
1 affected package
intellij-community-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
2 affected packages
intellij-idea, intellij-community-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-idea | Not in release | Not in release | Not in release | Not in release |
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
2 affected packages
intellij-idea, intellij-community-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-idea | Not in release | Not in release | Not in release | Not in release |
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
2 affected packages
intellij-community-idea, intellij-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
| intellij-idea | Not in release | Not in release | Not in release | Not in release |
JetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.
2 affected packages
intellij-idea, intellij-community-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-idea | Not in release | Not in release | Not in release | Not in release |
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
2 affected packages
intellij-community-idea, intellij-idea
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release |
| intellij-idea | Not in release | Not in release | Not in release | Not in release |