What the vulnerability does
01Description
In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation.
CVSS base score
4.5/10
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
March 29, 2023
CVE published
February 12, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-28454 OpenClaw < 2026.2.2 - Authorization Bypass via Unauthenticated Telegram Webhook
CVE-2022-20829 Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability
CVE-2022-39199 Lack of proper validation in immudb
CVE-2026-25602
CVE-2026-42575 apko doesn't verify downloaded apk packages against APKINDEX checksum (package substitution possible)
