Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-10	CVE-2024-37051	Insufficiently Protected Credentials vulnerability in Jetbrains products GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 network low complexity jetbrains CWE-522	7.5
2024-03-28	CVE-2024-31135	Open Redirect vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 open redirect was possible on the login page network low complexity jetbrains CWE-601	6.1
2024-03-28	CVE-2024-31137	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration network low complexity jetbrains CWE-79	6.1
2024-03-28	CVE-2024-31138	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings network low complexity jetbrains CWE-79	5.4
2024-03-04	CVE-2024-27198	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible network low complexity jetbrains critical	9.8
2024-02-06	CVE-2024-23917	Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible network low complexity jetbrains CWE-306 critical	9.8
2024-02-06	CVE-2024-24936	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed network low complexity jetbrains	5.3
2024-02-06	CVE-2024-24937	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible network low complexity jetbrains CWE-79	5.4
2024-02-06	CVE-2024-24938	Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation network low complexity jetbrains CWE-22	5.3
2024-02-06	CVE-2024-24939	Information Exposure Through Log Files vulnerability in Jetbrains Rider In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible network low complexity jetbrains CWE-532	5.3

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains