Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-22 CVE-2020-11795 Insufficient Session Expiration vulnerability in Jetbrains Space
In JetBrains Space through 2020-04-22, the session timeout period was configured improperly.
network
low complexity
jetbrains CWE-613
7.5
2020-04-22 CVE-2020-11693 Unspecified vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11691 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible.
network
low complexity
jetbrains
7.5
2020-04-22 CVE-2020-11688 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.
network
low complexity
jetbrains CWE-613
7.5
2020-04-22 CVE-2020-11687 Information Exposure vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
network
low complexity
jetbrains CWE-200
7.5
2020-04-22 CVE-2020-11685 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Goland
In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS.
network
low complexity
jetbrains CWE-319
7.5
2020-04-10 CVE-2020-11694 Insufficiently Protected Credentials vulnerability in Jetbrains Pycharm 2019.2.5/2019.3
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included.
network
low complexity
jetbrains CWE-522
7.5
2020-02-21 CVE-2020-7907 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Scala
In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.
network
low complexity
jetbrains CWE-319
7.5
2020-01-31 CVE-2020-7914 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network.
network
low complexity
jetbrains
7.5
2020-01-30 CVE-2020-7909 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.
network
low complexity
jetbrains CWE-522
7.5