CVE-2020-7904
First published: Thu Jan 30 2020(Updated: )
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains IntelliJ IDEA | <2019.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2020-7904.
What is the severity rating of CVE-2020-7904?
The severity rating of CVE-2020-7904 is high with a score of 7.4.
How does CVE-2020-7904 affect JetBrains IntelliJ IDEA?
CVE-2020-7904 affects JetBrains IntelliJ IDEA versions up to and excluding 2019.3.0.
What was the issue with Maven repositories in JetBrains IntelliJ IDEA before 2019.3?
In IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS.
Where can I find more information about CVE-2020-7904?
You can find more information about CVE-2020-7904 in the JetBrains security bulletin for Q4 2019: https://blog.jetbrains.com/blog/2020/01/24/jetbrains-security-bulletin-q4-2019/
- collector/nvd-index
- agent/weakness
- agent/author
- agent/tags
- agent/severity
- agent/type
- agent/event
- agent/references
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains intellij idea