Search CVE reports
1 – 7 of 7 results
CVE-2020-7914
Medium priorityIn JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2020-7905
Medium priorityPorts listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2020-7904
Medium priorityIn JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-18361
Medium priorityJetBrains IntelliJ IDEA before 2019.2 allows local user privilege escalation, potentially leading to arbitrary code execution.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-14954
Medium priorityJetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-10103
Low priorityJetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin...
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2019-10104
Medium priorityIn several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration (for Tomcat, Jetty, Resin, or CloudBees) with the default setting allowed a remote attacker to execute code when the configuration...
2 affected packages
intellij-community-idea, intellij-idea
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
intellij-community-idea | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
intellij-idea | Not in release | Not in release | Not in release | Not in release | Not in release |