PT-2019-11552 · Jetbrains · Kotlin+1
Jonathan Leitschuh
·
Published
2019-07-03
·
Updated
2023-08-18
·
CVE-2019-10103
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
JetBrains IntelliJ IDEA versions prior to Kotlin plugin version 1.3.30
Description:
The issue allows for a potential MITM attack due to JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template resolving Gradle artifacts using an http connection.
Recommendations:
For versions prior to Kotlin plugin version 1.3.30, update the Kotlin plugin to version 1.3.30 to resolve the issue.
Fix
Missing Encryption of Sensitive Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jetbrains Intellij Idea
Kotlin