CVE-2022-29815
https://notcve.org/view.php?id=CVE-2022-29815
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible En JetBrains IntelliJ IDEA versiones anteriores a 2022.1, era posible una ejecución de código local por medio de la configuración del workspace • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-29814
https://notcve.org/view.php?id=CVE-2022-29814
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible En JetBrains IntelliJ IDEA versiones anteriores a 2022.1, era posible una ejecución de código local por medio de descripciones HTML en esquemas JSON personalizados • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-29813
https://notcve.org/view.php?id=CVE-2022-29813
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible En JetBrains IntelliJ IDEA versiones anteriores a 2022.1, era posible una ejecución de código local por medio de la ruta personalizada de Pandoc • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2022-29812
https://notcve.org/view.php?id=CVE-2022-29812
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient En JetBrains IntelliJ IDEA versiones anteriores a 2022.1, los mecanismos de notificación sobre el uso de caracteres de formato de direccionalidad Unicode eran insuficientes • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-176: Improper Handling of Unicode Encoding •
CVE-2022-28651
https://notcve.org/view.php?id=CVE-2022-28651
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields En JetBrains IntelliJ IDEA versiones anteriores a 2021.3.3, era posible conseguir contraseñas de campos protegidos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-522: Insufficiently Protected Credentials •