Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-25760 Information Exposure vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
network
low complexity
jetbrains CWE-200
5.0
5.0
2021-02-03 CVE-2021-25759 Unspecified vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
network
low complexity
jetbrains
4.0
4.0
2021-02-03 CVE-2021-25758 Deserialization of Untrusted Data vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
local
low complexity
jetbrains CWE-502
4.6
4.6
2021-02-03 CVE-2021-25757 Open Redirect vulnerability in Jetbrains HUB
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
network
jetbrains CWE-601
5.8
5.8
2021-02-03 CVE-2021-25756 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
network
low complexity
jetbrains
5.0
5.0
2021-02-03 CVE-2020-35667 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity
JetBrains TeamCity Plugin before 2020.2.85695 SSRF.
network
low complexity
jetbrains CWE-918
5.0
5.0
2021-02-03 CVE-2020-29582 Incorrect Default Permissions vulnerability in multiple products
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation.
network
low complexity
jetbrains oracle CWE-276
5.3
5.3
2021-02-03 CVE-2020-25208 Incorrect Default Permissions vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
network
low complexity
jetbrains CWE-276
5.0
5.0
2020-11-16 CVE-2020-27627 Injection vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
network
jetbrains CWE-74
5.8
5.8
2020-11-16 CVE-2020-27623 Unspecified vulnerability in Jetbrains Ideavim
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.
network
low complexity
jetbrains
5.0
5.0