CVE-2023-51655
21.12.2023, 10:15
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configurationEnginsight
| Vendor | Product | Version |
|---|---|---|
| jetbrains | intellij_idea | 𝑥 < 2023.3.2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-349 - Acceptance of Extraneous Untrusted Data With Trusted DataThe software, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
- CWE-345 - Insufficient Verification of Data AuthenticityThe software does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.