JetBrains

IntelliJ IDEA

56 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2025-57730

  • EPSS 0%
  • Published 20.08.2025 09:13:59
  • Last modified 30.09.2025 15:29:38

In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature

7.3

CVE-2025-57729

  • EPSS 0%
  • Published 20.08.2025 09:13:58
  • Last modified 21.08.2025 15:12:34

In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start

6.5

CVE-2025-57728

  • EPSS 0.01%
  • Published 20.08.2025 09:13:57
  • Last modified 21.08.2025 14:48:13

In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files

7.5

CVE-2025-57727

  • EPSS 0%
  • Published 20.08.2025 09:13:57
  • Last modified 21.08.2025 14:47:47

In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference

3.3

CVE-2025-32054

  • EPSS 0%
  • Published 03.04.2025 17:15:30
  • Last modified 30.09.2025 21:39:02

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file

6.1

CVE-2024-46970

  • EPSS 0%
  • Published 16.09.2024 11:15:13
  • Last modified 20.09.2024 13:23:29

In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible

7.5

CVE-2024-37051

  • EPSS 4.75%
  • Published 10.06.2024 16:15:16
  • Last modified 21.11.2024 09:23:06

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP...

5.3

CVE-2024-24941

  • EPSS 0.01%
  • Published 06.02.2024 10:15:11
  • Last modified 21.11.2024 09:00:01

In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL

4.3

CVE-2024-24940

  • EPSS 0%
  • Published 06.02.2024 10:15:10
  • Last modified 15.05.2025 20:15:47

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives

9.8

CVE-2023-51655

  • EPSS 0.01%
  • Published 21.12.2023 10:15:36
  • Last modified 21.11.2024 08:38:32

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration