Vulnerabilities > Jetbrains
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-10103 | Missing Encryption of Sensitive Data vulnerability in Jetbrains Kotlin JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-10102 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin and Ktor JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-10101 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-9873 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 9.8 |
| 2019-07-03 | CVE-2019-9872 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 8.1 |
| 2019-07-03 | CVE-2019-9823 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. | 9.8 |
| 2019-07-03 | CVE-2019-9186 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). | 9.8 |
| 2019-07-03 | CVE-2019-12867 | Unspecified vulnerability in Jetbrains Youtrack Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. | 9.8 |
| 2019-07-03 | CVE-2019-12866 | Authorization Bypass Through User-Controlled Key vulnerability in Jetbrains Youtrack An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. | 9.8 |
| 2019-07-03 | CVE-2019-12851 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack A CSRF vulnerability was detected in one of the admin endpoints of JetBrains YouTrack. | 8.8 |