Vulnerabilities > Jetbrains > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-11-16 CVE-2020-27622 Unspecified vulnerability in Jetbrains Intellij Idea
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
network
low complexity
jetbrains
5.3
2020-11-16 CVE-2020-26129 HTTP Request Smuggling vulnerability in Jetbrains Ktor
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.
network
low complexity
jetbrains CWE-444
6.5
2020-11-16 CVE-2020-27629 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
network
low complexity
jetbrains
5.3
2020-11-16 CVE-2020-27628 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
network
low complexity
jetbrains
4.3
2020-11-16 CVE-2020-27626 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
2020-11-16 CVE-2020-27625 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
network
low complexity
jetbrains
5.3
2020-11-16 CVE-2020-27624 Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
network
low complexity
jetbrains CWE-918
5.3
2020-11-16 CVE-2020-25210 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
network
low complexity
jetbrains
5.3
2020-08-27 CVE-2020-24618 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
network
low complexity
jetbrains
6.5
2020-08-08 CVE-2020-15831 Cross-site Scripting vulnerability in Jetbrains Teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
network
low complexity
jetbrains CWE-79
6.1