Vulnerabilities > Jetbrains

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-25762 HTTP Request Smuggling vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
network
low complexity
jetbrains CWE-444
5.3
2021-02-03 CVE-2021-25761 Inadequate Encryption Strength vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
network
low complexity
jetbrains CWE-326
5.3
2021-02-03 CVE-2021-25760 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25759 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
network
low complexity
jetbrains
6.5
2021-02-03 CVE-2021-25758 Deserialization of Untrusted Data vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
local
low complexity
jetbrains CWE-502
7.8
2021-02-03 CVE-2021-25757 Open Redirect vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
network
low complexity
jetbrains CWE-601
6.1
2021-02-03 CVE-2021-25756 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25755 Unspecified vulnerability in Jetbrains Code With ME
In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID, could get access to the encrypted traffic.
local
high complexity
jetbrains
2.5
2021-02-03 CVE-2020-35667 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity
JetBrains TeamCity Plugin before 2020.2.85695 SSRF.
network
low complexity
jetbrains CWE-918
7.5
2021-02-03 CVE-2020-29582 Incorrect Default Permissions vulnerability in multiple products
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation.
network
low complexity
jetbrains oracle CWE-276
5.3