Vulnerabilities > Jetbrains

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | SEVERITY | SCORE |
|---|---|---|---|---|---|---|---|---|---|
| 2024-02-06 | CVE-2024-24941 | Improper Input Validation vulnerability in Jetbrains Intellij Idea | In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL | network | low complexity | jetbrains | CWE-20 | | 5.3 |
| 2024-02-06 | CVE-2024-24942 | Path Traversal vulnerability in Jetbrains Teamcity | In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | network | low complexity | jetbrains | CWE-22 | | 5.3 |
| 2024-02-06 | CVE-2024-24943 | Resource Exhaustion vulnerability in Jetbrains Toolbox | In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image | local | low complexity | jetbrains | CWE-400 | | 5.5 |
| 2024-01-09 | CVE-2024-22370 | Cross-site Scripting vulnerability in Jetbrains Youtrack | In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible | network | low complexity | jetbrains | CWE-79 | | 5.4 |
| 2023-12-21 | CVE-2023-51655 | Insufficient Verification of Data Authenticity vulnerability in Jetbrains Intellij Idea | In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration | network | low complexity | jetbrains | CWE-345 | critical | 9.8 |
| 2023-12-15 | CVE-2023-50870 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity | In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible | network | low complexity | jetbrains | CWE-352 | | 8.8 |
| 2023-12-15 | CVE-2023-50871 | Unspecified vulnerability in Jetbrains Youtrack | In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed | network | low complexity | jetbrains | | | 4.3 |
| 2023-10-09 | CVE-2023-45612 | XXE vulnerability in Jetbrains Ktor | In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE | network | low complexity | jetbrains | CWE-611 | critical | 9.8 |
| 2023-10-09 | CVE-2023-45613 | Improper Certificate Validation vulnerability in Jetbrains Ktor | In JetBrains Ktor before 2.3.5 server certificates were not verified | network | low complexity | jetbrains | CWE-295 | critical | 9.1 |
| 2023-09-19 | CVE-2023-42793 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Jetbrains Teamcity | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible | network | low complexity | jetbrains | CWE-288 | critical | 9.8 |