CVE-2021-29263

In JetBrains IntelliJ IDEA 2020.3.3, local code execution was possible because of insufficient checks when getting the project from VCS.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
VendorProductVersion
jetbrainsintellij_idea
𝑥
< 2020.3.3
𝑥
= Vulnerable software versions
References
https://blog.jetbrains.com
https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/
https://blog.jetbrains.com
https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/