Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Intellij_idea
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-25 | CVE-2022-24346 | In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible. | Intellij_idea | 7.8 | ||
| 2022-02-25 | CVE-2022-24345 | In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible. | Intellij_idea | 7.8 | ||
| 2022-04-05 | CVE-2022-28651 | In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields | Intellij_idea | 5.5 | ||
| 2022-04-28 | CVE-2022-29812 | In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient | Intellij_idea | 2.3 | ||
| 2022-04-28 | CVE-2022-29813 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible | Intellij_idea | 6.7 | ||
| 2022-04-28 | CVE-2022-29814 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible | Intellij_idea | 7.7 | ||
| 2022-04-28 | CVE-2022-29815 | In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible | Intellij_idea | 6.7 | ||
| 2022-04-28 | CVE-2022-29816 | In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible | Intellij_idea | 3.2 | ||
| 2022-04-28 | CVE-2022-29817 | In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible | Intellij_idea | 6.1 | ||
| 2022-04-28 | CVE-2022-29818 | In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed | Intellij_idea | 7.1 |