Vulnerabilities > Jetbrains > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-08 | CVE-2022-46828 | Unrestricted Upload of File with Dangerous Type vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2022.3 a DYLIB injection on macOS was possible. | 7.8 |
2022-12-08 | CVE-2022-46829 | Improper Authentication vulnerability in Jetbrains Gateway In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented. | 8.8 |
2022-11-18 | CVE-2022-45471 | Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains HUB In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address | 7.5 |
2022-11-03 | CVE-2022-44623 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings | 7.5 |
2022-11-03 | CVE-2022-44624 | Information Exposure Through Log Files vulnerability in Jetbrains Teamcity In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters | 7.5 |
2022-02-25 | CVE-2022-25263 | OS Command Injection vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration. | 7.5 |
2022-02-25 | CVE-2021-45977 | Unspecified vulnerability in Jetbrains products JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address. | 7.5 |
2022-02-25 | CVE-2022-24340 | XXE vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.2.1, XXE during the parsing of the configuration file was possible. | 7.5 |
2021-11-30 | CVE-2021-43202 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. | 7.5 |
2021-11-09 | CVE-2021-43183 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13690, the authentication throttling mechanism could be bypassed. | 7.5 |