CVE-2020-11685

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.
Source: NIST
CVE-2020-11685