Vulnerabilities > Jetbrains > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-09 | CVE-2021-43185 | Injection vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | 7.5 |
2021-11-09 | CVE-2021-43188 | Unspecified vulnerability in Jetbrains Youtrack Mobile In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. | 7.5 |
2021-11-09 | CVE-2021-43189 | Unspecified vulnerability in Jetbrains Youtrack Mobile In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. | 7.5 |
2021-11-09 | CVE-2021-43193 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible. | 7.5 |
2021-11-09 | CVE-2021-43200 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | 7.5 |
2021-08-06 | CVE-2021-36209 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset. | 7.5 |
2021-08-06 | CVE-2021-37544 | Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. | 7.5 |
2021-05-11 | CVE-2021-31897 | Unspecified vulnerability in Jetbrains Webstorm In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects. | 7.5 |
2021-05-11 | CVE-2021-31898 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Webstorm In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS. | 7.5 |
2021-05-11 | CVE-2021-31914 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible. | 7.5 |