CVE-2022-29813: Code Injection
First published: Thu Apr 28 2022(Updated: )
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
Credit: security@jetbrains.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains IntelliJ IDEA | <2022.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-29813?
CVE-2022-29813 is a vulnerability in JetBrains IntelliJ IDEA before 2022.1 that allows local code execution via a custom Pandoc path.
How severe is CVE-2022-29813?
CVE-2022-29813 has a severity level of medium with a CVSS score of 6.7.
How can the vulnerability CVE-2022-29813 be exploited?
CVE-2022-29813 can be exploited by an attacker with local access to the affected system, who can set a custom Pandoc path to execute code.
Is JetBrains IntelliJ IDEA version 2022.1 affected by CVE-2022-29813?
Yes, JetBrains IntelliJ IDEA version 2022.1 is affected by CVE-2022-29813.
How can I fix the vulnerability CVE-2022-29813 in JetBrains IntelliJ IDEA?
To fix the vulnerability CVE-2022-29813 in JetBrains IntelliJ IDEA, update to a version later than 2022.1 or apply the necessary patches provided by JetBrains.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains intellij idea