Vulnerabilities > Jetbrains

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-04	CVE-2024-54154	Path Traversal vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandbox network low complexity jetbrains CWE-22 critical	9.8
2024-12-04	CVE-2024-54155	Missing Authentication for Critical Function vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project names during app import without authentication network low complexity jetbrains CWE-306	5.3
2024-12-04	CVE-2024-54156	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attack network low complexity jetbrains	6.5
2024-12-04	CVE-2024-54157	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector network low complexity jetbrains	6.5
2024-12-04	CVE-2024-54158	Authentication Bypass by Spoofing vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encoding network low complexity jetbrains CWE-290	5.3
2024-11-15	CVE-2024-52555	Unspecified vulnerability in Jetbrains Webstorm In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script local low complexity jetbrains	7.8
2024-10-28	CVE-2024-50573	Missing Authorization vulnerability in Jetbrains HUB In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services network low complexity jetbrains CWE-862	5.4
2024-10-28	CVE-2024-50574	Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality network low complexity jetbrains	7.5
2024-10-28	CVE-2024-50575	Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API network low complexity jetbrains CWE-79	6.1
2024-10-28	CVE-2024-50576	Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest network low complexity jetbrains CWE-79	5.4

Vulnerabilities > Jetbrains {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jetbrains"}]}

Vulnerabilities > Jetbrains