Known Vulnerabilities for Intellij Idea by Jetbrains
Listed below are 10 of the newest known vulnerabilities associated with "Intellij Idea" by "Jetbrains".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39261 json | In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions | 7.8 - HIGH | 2023-07-26 | 2023-08-02 |
| CVE-2023-38069 json | In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases | 3.3 - LOW | 2023-07-12 | 2023-07-20 |
| CVE-2022-48433 json | In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in we... | 7.5 - HIGH | 2023-03-29 | 2023-04-01 |
| CVE-2022-48432 json | In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. | 8.8 - HIGH | 2023-03-29 | 2023-04-01 |
| CVE-2022-48431 json | In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Proj... | 7.8 - HIGH | 2023-03-29 | 2023-04-01 |
| CVE-2022-48430 json | In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview. | 7.5 - HIGH | 2023-03-29 | 2023-04-01 |
| CVE-2022-47896 json | In JetBrains IntelliJ IDEA before 2022.3.1 code Templates were vulnerable to SSTI attacks. | 7.8 - HIGH | 2022-12-22 | 2022-12-29 |
| CVE-2022-47895 json | In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR fil... | 7.5 - HIGH | 2022-12-22 | 2022-12-29 |
| CVE-2022-46828 json | In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible. | 7.8 - HIGH | 2022-12-08 | 2022-12-12 |
| CVE-2022-46827 json | In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possibl... | 5.5 - MEDIUM | 2022-12-08 | 2022-12-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jetbrains | Intellij Idea | 9.0.4 | |||
| Application | Jetbrains | Intellij Idea | 9.0.3 | |||
| Application | Jetbrains | Intellij Idea | 2020.3 | |||
| Application | Jetbrains | Intellij Idea | 2020.2 | |||
| Application | Jetbrains | Intellij Idea | 2020.1 | |||
| Application | Jetbrains | Intellij Idea | 2019.3.4 | |||
| Application | Jetbrains | Intellij Idea | 2019.3.3 | |||
| Application | Jetbrains | Intellij Idea | 2019.3.0 | |||
| Application | Jetbrains | Intellij Idea | 2019.3 | |||
| Application | Jetbrains | Intellij Idea | 2019.2.4 | |||
| Application | Jetbrains | Intellij Idea | 2019.2.3 | |||
| Application | Jetbrains | Intellij Idea | 2019.2.2 | |||
| Application | Jetbrains | Intellij Idea | 2019.2.1 | |||
| Application | Jetbrains | Intellij Idea | 2019.2 | |||
| Application | Jetbrains | Intellij Idea | 2019.1.4 | |||
| Application | Jetbrains | Intellij Idea | 2019.1.3 | |||
| Application | Jetbrains | Intellij Idea | 2019.1.2 | |||
| Application | Jetbrains | Intellij Idea | 2019.1.1 | |||
| Application | Jetbrains | Intellij Idea | 2019.1 | |||
| Application | Jetbrains | Intellij Idea | 2018.3.6 |