CVE-2022-29814 is a vulnerability in JetBrains Intellij Idea
Published on April 28, 2022
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
Vulnerability Analysis
CVE-2022-29814 is exploitable with local system access, requires user interaction and user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Type
What is a Code Injection Vulnerability?
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CVE-2022-29814 has been classified to as a Code Injection vulnerability or weakness.
Products Associated with CVE-2022-29814
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-29814 are published in JetBrains Intellij Idea:
Affected Versions
JetBrains IntelliJ IDEA:- Version 2022.1 and below 2022.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.