Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2021-08-06 CVE-2021-36209 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB
In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
network
low complexity
jetbrains CWE-640
critical
9.8
2021-08-06 CVE-2021-37540 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.
network
low complexity
jetbrains
6.5
2021-08-06 CVE-2021-37541 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB
In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.
network
low complexity
jetbrains CWE-640
6.1
2021-08-06 CVE-2021-37542 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.3, XSS was possible.
network
low complexity
jetbrains CWE-79
6.1
2021-08-06 CVE-2021-37543 Unspecified vulnerability in Jetbrains Rubymine
In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects.
network
low complexity
jetbrains
8.8
2021-08-06 CVE-2021-37544 Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
network
low complexity
jetbrains CWE-502
critical
9.8
2021-08-06 CVE-2021-37545 Improper Authentication vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
network
low complexity
jetbrains CWE-287
7.5
2021-08-06 CVE-2021-37546 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.
network
low complexity
jetbrains CWE-327
5.3
2021-08-06 CVE-2021-37547 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.
network
low complexity
jetbrains
5.3
2021-08-06 CVE-2021-37548 Cleartext Storage of Sensitive Information vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.
network
low complexity
jetbrains CWE-312
7.5