Vulnerabilities > Jetbrains
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-31 | CVE-2023-34227 | Exposed Dangerous Method or Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05 a specific endpoint was vulnerable to brute force attacks | 7.5 |
| 2023-05-31 | CVE-2023-34228 | Use of Single-factor Authentication vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05 authentication checks were missing – 2FA was not checked for some sensitive account actions | 6.5 |
| 2023-05-31 | CVE-2023-34229 | Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.05 stored XSS in GitLab Connection page was possible | 5.4 |
| 2023-04-28 | CVE-2022-48481 | Insufficient Control Flow Management vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | 7.8 |
| 2023-04-24 | CVE-2022-48476 | Path Traversal vulnerability in Jetbrains Ktor In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible | 7.5 |
| 2023-04-24 | CVE-2022-48477 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains HUB In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing | 9.8 |
| 2023-04-04 | CVE-2022-48435 | Information Exposure Through Log Files vulnerability in Jetbrains PHPstorm 2021.3.1 In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file | 3.3 |
| 2023-03-29 | CVE-2022-48430 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview. | 7.5 |
| 2023-03-29 | CVE-2022-48431 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the “Trust Project” confirmation. | 7.8 |
| 2023-03-29 | CVE-2022-48432 | Insecure Default Initialization of Resource vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. | 8.8 |