Vulnerabilities > Jetbrains > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-03 | CVE-2020-25208 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions. | 5.3 |
2020-11-16 | CVE-2020-27627 | Injection vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | 6.1 |
2020-11-16 | CVE-2020-27622 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version. | 5.3 |
2020-11-16 | CVE-2020-26129 | HTTP Request Smuggling vulnerability in Jetbrains Ktor In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible. | 6.5 |
2020-11-16 | CVE-2020-27629 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. | 5.3 |
2020-11-16 | CVE-2020-27628 | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. | 4.3 |
2020-11-16 | CVE-2020-27626 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. | 5.3 |
2020-11-16 | CVE-2020-27625 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues. | 5.3 |
2020-11-16 | CVE-2020-27624 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. | 5.3 |
2020-11-16 | CVE-2020-25210 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants. | 5.3 |