CVE-2019-10103

HIGH

JetBrains IntelliJ IDEA - SSRF

Title source: llm

Description

JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This issue, which was fixed in Kotlin plugin version 1.3.30, is similar to CVE-2019-10101.

References (2)

[Vendor Advisory] https://blog.jetbrains.com/blog/2019/06/19/jetbrains-security-bulletin-q1-2019/

[Vendor Advisory] https://security.netapp.com/advisory/ntap-20230818-0012/

Scores

CVSS v3 8.1

EPSS 0.0000

EPSS Percentile 0.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-311

Status published

Products (1)

jetbrains/kotlin < 1.3.30

Published Jul 03, 2019

Tracked Since Feb 18, 2026