Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2025-04-17 CVE-2025-43013 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
network
low complexity
jetbrains CWE-319
7.5
2025-03-27 CVE-2025-31141 Information Exposure Through an Error Message vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
network
low complexity
jetbrains CWE-209
7.5
2025-01-21 CVE-2025-24456 Missing Authentication for Critical Function vulnerability in Jetbrains HUB
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication mapping
network
low complexity
jetbrains CWE-306
8.8
2025-01-21 CVE-2025-24458 Authentication Bypass by Spoofing vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and Helpdesk integration
local
low complexity
jetbrains CWE-290
7.8
2024-12-20 CVE-2024-56351 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
network
low complexity
jetbrains CWE-613
8.8
2024-12-20 CVE-2024-56356 XXE vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
network
low complexity
jetbrains CWE-611
7.1
2024-11-15 CVE-2024-52555 Unspecified vulnerability in Jetbrains Webstorm
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script
local
low complexity
jetbrains
7.8
2024-10-28 CVE-2024-50574 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
network
low complexity
jetbrains
7.5
2024-10-08 CVE-2024-47948 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
network
low complexity
jetbrains CWE-22
7.5
2024-10-08 CVE-2024-47949 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location
network
low complexity
jetbrains CWE-22
7.5