CVE-2022-40978

HIGH

JetBrains IntelliJ IDEA <2022.2.2 - Code Injection

Title source: llm
STIX 2.1

Description

The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0000
EPSS Percentile 0.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Details

CWE
CWE-427
Status published
Products (1)
jetbrains/intellij_idea < 2022.2.2
Published Sep 19, 2022
Tracked Since Feb 18, 2026