Vulnerabilities > Jetbrains
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-03 | CVE-2019-12843 | Code Injection vulnerability in Jetbrains Teamcity A possible stored JavaScript injection requiring a deliberate server administrator action was detected. | 6.1 |
| 2019-07-03 | CVE-2019-12842 | Cross-site Scripting vulnerability in Jetbrains Teamcity A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. | 6.1 |
| 2019-07-03 | CVE-2019-12841 | Improper Input Validation vulnerability in Jetbrains Teamcity Incorrect handling of user input in ZIP extraction was detected in JetBrains TeamCity. | 7.5 |
| 2019-07-03 | CVE-2019-10103 | Missing Encryption of Sensitive Data vulnerability in Jetbrains Kotlin JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-10102 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin and Ktor JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-10101 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. | 8.1 |
| 2019-07-03 | CVE-2019-9873 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task Servers configurations leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 9.8 |
| 2019-07-03 | CVE-2019-9872 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. | 8.1 |
| 2019-07-03 | CVE-2019-9823 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, creating remote run configurations of JavaEE application servers leads to saving a cleartext record of the server credentials in the IDE configuration files. | 9.8 |
| 2019-07-03 | CVE-2019-9186 | Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Intellij Idea In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). | 9.8 |