Vulnerabilities > Jetbrains > Pycharm

DATE CVE VULNERABILITY TITLE RISK
2024-06-10 CVE-2024-37051 Insufficiently Protected Credentials vulnerability in Jetbrains products
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
network
low complexity
jetbrains CWE-522
7.5
2022-04-28 CVE-2022-29820 Exposure of Resource to Wrong Sphere vulnerability in Jetbrains Pycharm
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
low complexity
jetbrains CWE-668
3.3
2022-04-28 CVE-2022-29821 Code Injection vulnerability in Jetbrains Pycharm
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible
4.4
2022-02-25 CVE-2021-45977 Unspecified vulnerability in Jetbrains products
JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address.
network
low complexity
jetbrains
7.5
2021-05-11 CVE-2021-30005 Insufficient Verification of Data Authenticity vulnerability in Jetbrains Pycharm
In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS.
local
low complexity
jetbrains CWE-345
4.6
2020-04-10 CVE-2020-11694 Insufficiently Protected Credentials vulnerability in Jetbrains Pycharm 2019.2.5/2019.3
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included.
network
low complexity
jetbrains CWE-522
5.0
2019-10-02 CVE-2019-14958 Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains Pycharm
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes.
network
low complexity
jetbrains CWE-770
5.0