Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-25767 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25766 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25763 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
network
low complexity
jetbrains CWE-327
5.3
2021-02-03 CVE-2021-25762 HTTP Request Smuggling vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
network
low complexity
jetbrains CWE-444
5.3
2021-02-03 CVE-2021-25761 Inadequate Encryption Strength vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
network
low complexity
jetbrains CWE-326
5.3
2021-02-03 CVE-2021-25760 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2021-25759 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
network
low complexity
jetbrains
6.5
2021-02-03 CVE-2021-25757 Open Redirect vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
network
low complexity
jetbrains CWE-601
6.1
2021-02-03 CVE-2021-25756 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
network
low complexity
jetbrains
5.3
2021-02-03 CVE-2020-29582 Incorrect Default Permissions vulnerability in multiple products
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation.
network
low complexity
jetbrains oracle CWE-276
5.3