Vulnerabilities > Jetbrains > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-03 | CVE-2021-25760 | Information Exposure vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible. | 5.0 |
2021-02-03 | CVE-2021-25759 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user. | 4.0 |
2021-02-03 | CVE-2021-25758 | Deserialization of Untrusted Data vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution. | 4.6 |
2021-02-03 | CVE-2021-25757 | Open Redirect vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12629, an open redirect was possible. | 5.8 |
2021-02-03 | CVE-2021-25756 | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS. | 5.0 |
2021-02-03 | CVE-2020-35667 | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Teamcity JetBrains TeamCity Plugin before 2020.2.85695 SSRF. | 5.0 |
2021-02-03 | CVE-2020-29582 | Incorrect Default Permissions vulnerability in multiple products In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. | 5.3 |
2021-02-03 | CVE-2020-25208 | Incorrect Default Permissions vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions. | 5.0 |
2020-11-16 | CVE-2020-27627 | Injection vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | 5.8 |
2020-11-16 | CVE-2020-27623 | Unspecified vulnerability in Jetbrains Ideavim JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. | 5.0 |