CVE-2023-39261
- EPSS 0%
- Published 26.07.2023 13:15:10
- Last modified 21.11.2024 08:15:00
In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions
CVE-2023-38069
- EPSS 0%
- Published 12.07.2023 13:15:09
- Last modified 21.11.2024 08:12:47
In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases
CVE-2022-48432
- EPSS 0%
- Published 29.03.2023 13:15:08
- Last modified 21.11.2024 07:33:20
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.
CVE-2022-48433
- EPSS 0%
- Published 29.03.2023 13:15:08
- Last modified 21.11.2024 07:33:20
In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.
CVE-2022-48431
- EPSS 0%
- Published 29.03.2023 13:15:07
- Last modified 21.11.2024 07:33:20
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation.
CVE-2022-48430
- EPSS 0%
- Published 29.03.2023 13:15:07
- Last modified 21.11.2024 07:33:20
In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.
CVE-2022-47896
- EPSS 0%
- Published 22.12.2022 11:15:09
- Last modified 21.11.2024 07:32:30
In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks.
CVE-2022-47895
- EPSS 0%
- Published 22.12.2022 11:15:09
- Last modified 21.11.2024 07:32:30
In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
CVE-2022-46828
- EPSS 0%
- Published 08.12.2022 18:15:10
- Last modified 21.11.2024 07:31:07
In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible.
CVE-2022-46827
- EPSS 0%
- Published 08.12.2022 18:15:10
- Last modified 21.11.2024 07:31:07
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.