CVE-2020-11685
First published: Wed Apr 22 2020(Updated: )
In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains GoLand | <2019.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-11685.
What is the severity of CVE-2020-11685?
The severity of CVE-2020-11685 is high with a CVSS score of 7.5.
How does this vulnerability affect JetBrains GoLand?
This vulnerability affects JetBrains GoLand versions up to (but not including) 2019.3.2.
What is the impact of this vulnerability?
The impact of this vulnerability is that the plugin repository in JetBrains GoLand is accessed via HTTP instead of HTTPS, which may expose sensitive data to potential attackers.
Is there a fix available for this vulnerability?
Yes, the fix for this vulnerability is to upgrade to JetBrains GoLand version 2019.3.2 or later.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/event
- agent/type
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains goland