security

On December 27, 2021, we became aware of a security issue that exposes certain JetBrains Remote Development backend IDEs to the networks the server is connected to. This was a result of misconfiguration on our side. The following IDEs were affected: IntelliJ IDEA 2021.3.1 Preview (213.6461.21) and IntelliJ IDEA 2021.3.1 RC (213.6461.48)PyCharm Professional 2021.3.1 RC (213.6461.6)GoLand 2021.3.1 (213.6461.23)PhpStorm 2021.3.1 Preview (213.6461.28) and PhpStorm 2021.3.1 RC (213.6461.58)RubyMine 2021.3.1 Preview (213.6461.24) and RubyMine 2021.3.1 RC (213.6461.46)CLion 2021.3.1 (213.6461.4

What happened Similar to the rest of the industry, we became aware on the 10th of December 2021 of the Remote Code Execution vulnerability CVE-2021-44228 in the popular Java logging library log4j (all versions between 2.0 and 2.14.1 are vulnerable). We immediately took action to mitigate any potential impacts on our applications and systems. We'd like to provide you with an update. Actions we've taken We have run an audit of the applications that use log4j and have upgraded to 2.15.0 where necessary. Following is the list of already audited products and their status: All IntelliJ