In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.