DYLIB Injection Vulnerability in JetBrains IntelliJ IDEA on macOS
CVE-2022-46828

5.2MEDIUM

Key Information:

Vendor: Jetbrains
Status: Intellij Idea
Vendor: CVE Published:; 8 December 2022

What is CVE-2022-46828?

A vulnerability has been identified in JetBrains IntelliJ IDEA before version 2022.3 that allows attackers to perform DYLIB injection on macOS systems. This flaw could enable unauthorized code execution through specially crafted input, compromising the integrity of applications developed using this IDE. Users are encouraged to update to the latest version to mitigate potential risks.

Affected Version(s)

IntelliJ IDEA macOS 0 < 2022.3

References

https://www.jetbrains.com/privacy-security/issues-fixed/

CVSS V3.1

Score:

5.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2022
Vulnerability Reserved
Dec 8, 2022

Jetbrains

What is CVE-2022-46828?

Affected Version(s)

References

CVSS V3.1

Timeline