PT-2020-12773 · Jetbrains · Goland
Published
2020-04-22
·
Updated
2021-07-21
·
CVE-2020-11685
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
JetBrains GoLand versions prior to 2019.3.2
Description
The plugin repository in JetBrains GoLand was accessed via HTTP instead of HTTPS, which could pose a security risk.
Recommendations
For versions prior to 2019.3.2, update to version 2019.3.2 or later to ensure the plugin repository is accessed via HTTPS.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Goland