In JetBrains IntelliJ IDEA before 2020.1, the license server could be resolved to an untrusted host in some cases.
9.8CVSS
9.2AI Score
0.002EPSS
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
5.3CVSS
5.2AI Score
0.001EPSS
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
7.4CVSS
7.4AI Score
0.002EPSS
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network.
7.5CVSS
7.5AI Score
0.002EPSS
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3.
7.5CVSS
7.4AI Score
0.002EPSS