Vulnerabilities > Jetbrains > High

DATE CVE VULNERABILITY TITLE RISK
2021-11-09 CVE-2021-43185 Injection vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection.
network
low complexity
jetbrains CWE-74
7.5
7.5
2021-11-09 CVE-2021-43188 Unspecified vulnerability in Jetbrains Youtrack Mobile
In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete.
network
low complexity
jetbrains
7.5
7.5
2021-11-09 CVE-2021-43189 Unspecified vulnerability in Jetbrains Youtrack Mobile
In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete.
network
low complexity
jetbrains
7.5
7.5
2021-11-09 CVE-2021-43193 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
network
low complexity
jetbrains
7.5
7.5
2021-11-09 CVE-2021-43200 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
network
low complexity
jetbrains
7.5
7.5
2021-08-06 CVE-2021-36209 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Jetbrains HUB
In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
network
low complexity
jetbrains CWE-640
7.5
7.5
2021-08-06 CVE-2021-37544 Deserialization of Untrusted Data vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
network
low complexity
jetbrains CWE-502
7.5
7.5
2021-05-11 CVE-2021-31897 Unspecified vulnerability in Jetbrains Webstorm
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.
network
low complexity
jetbrains
7.5
7.5
2021-05-11 CVE-2021-31898 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Webstorm
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS.
network
low complexity
jetbrains CWE-319
7.5
7.5
2021-05-11 CVE-2021-31914 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
network
low complexity
jetbrains
7.5
7.5