CVE-2022-46827: XEE
First published: Thu Dec 08 2022(Updated: )
In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible.
Credit: security@jetbrains.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| JetBrains IntelliJ IDEA | <2022.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this JetBrains IntelliJ IDEA vulnerability?
The vulnerability ID for this JetBrains IntelliJ IDEA vulnerability is CVE-2022-46827.
What is the severity of vulnerability CVE-2022-46827?
The severity of vulnerability CVE-2022-46827 is medium.
What is the affected software for vulnerability CVE-2022-46827?
The affected software for vulnerability CVE-2022-46827 is JetBrains IntelliJ IDEA before version 2022.3.
How does vulnerability CVE-2022-46827 work?
Vulnerability CVE-2022-46827 is an XXE attack that leads to SSRF via requests to custom plugin repositories in JetBrains IntelliJ IDEA before version 2022.3.
Is there a fix available for vulnerability CVE-2022-46827?
Yes, a fix is available for vulnerability CVE-2022-46827. It is recommended to update to JetBrains IntelliJ IDEA version 2022.3 or later.
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jetbrains
- canonical/jetbrains intellij idea