Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2022-05-12 CVE-2022-29927 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible
network
jetbrains CWE-79
4.3
2022-05-12 CVE-2022-29928 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
network
low complexity
jetbrains CWE-532
4.0
2022-05-12 CVE-2022-29929 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible
network
jetbrains CWE-79
4.3
2022-05-12 CVE-2022-29930 Use of Insufficiently Random Values vulnerability in Jetbrains Ktor
SHA1 implementation in JetBrains Ktor Native before 2.0.1 was returning the same value
network
low complexity
jetbrains CWE-330
4.0
2022-04-28 CVE-2022-29811 Cross-site Scripting vulnerability in Jetbrains HUB
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.
network
jetbrains CWE-79
3.5
2022-04-28 CVE-2022-29812 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient
local
low complexity
jetbrains
2.1
2022-04-28 CVE-2022-29813 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
local
low complexity
jetbrains CWE-94
4.6
2022-04-28 CVE-2022-29814 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
4.4
2022-04-28 CVE-2022-29815 Code Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
local
low complexity
jetbrains CWE-94
4.6
2022-04-28 CVE-2022-29816 Injection vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible
local
low complexity
jetbrains CWE-74
2.1