CVE-2022-46826
https://notcve.org/view.php?id=CVE-2022-46826
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server allowed an arbitrary file to be read by exploiting a path traversal vulnerability. En JetBrains IntelliJ IDEA anterior a 2022.3, el servidor web integrado permitía leer un archivo arbitrario explotando una vulnerabilidad de path traversal. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •
CVE-2022-46825
https://notcve.org/view.php?id=CVE-2022-46825
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open projects. En JetBrains IntelliJ IDEA anterior a 2022.3, el servidor web integrado filtró información sobre proyectos abiertos. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-326: Inadequate Encryption Strength •
CVE-2022-46824
https://notcve.org/view.php?id=CVE-2022-46824
In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible. En JetBrains IntelliJ IDEA antes de 2022.2.4, era posible que se produjera un desbordamiento del búfer en el daemon fsnotifier en macOS. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-40978
https://notcve.org/view.php?id=CVE-2022-40978
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking El instalador de JetBrains IntelliJ IDEA versiones anteriores a 2022.2.2, era vulnerable a un secuestro del orden de búsqueda del EXE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-427: Uncontrolled Search Path Element •
CVE-2022-37010
https://notcve.org/view.php?id=CVE-2022-37010
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed En JetBrains IntelliJ IDEA versiones anteriores a 2022.2, la comprobación de la dirección de correo electrónico en el cuadro de diálogo "Git User Name Is Not Defined" ha sido perdida • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-20: Improper Input Validation •