Vulnerabilities > Jetbrains > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-02 | CVE-2019-15040 | Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on the settings page. | 6.8 |
| 2019-10-02 | CVE-2019-15037 | Cross-site Scripting vulnerability in Jetbrains Teamcity 2018.2.4 An issue was discovered in JetBrains TeamCity 2018.2.4. | 4.3 |
| 2019-10-02 | CVE-2019-14959 | Missing Encryption of Sensitive Data vulnerability in Jetbrains Toolbox JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 4.3 |
| 2019-10-02 | CVE-2019-14958 | Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains Pycharm JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. | 5.0 |
| 2019-10-02 | CVE-2019-14956 | Improper Preservation of Permissions vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. | 4.0 |
| 2019-10-02 | CVE-2019-12737 | Use of Password Hash With Insufficient Computational Effort vulnerability in Jetbrains Ktor UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a One-Way Hash with a Predictable Salt for storing user credentials. | 5.0 |
| 2019-10-02 | CVE-2019-12156 | Information Exposure Through an Error Message vulnerability in Jetbrains Upsource Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293. | 5.0 |
| 2019-10-01 | CVE-2019-15041 | Open Redirect vulnerability in Jetbrains Youtrack JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere. | 5.8 |
| 2019-10-01 | CVE-2019-15035 | Information Exposure vulnerability in Jetbrains Teamcity 2018.2.4 An issue was discovered in JetBrains TeamCity 2018.2.4. | 4.0 |
| 2019-10-01 | CVE-2019-15042 | Improper Certificate Validation vulnerability in Jetbrains Teamcity 2018.2.4 An issue was discovered in JetBrains TeamCity 2018.2.4. | 5.0 |