Vulnerabilities > Jetbrains > Toolbox
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-17 | CVE-2025-43014 | Missing Critical Step in Authentication vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation | 6.5 |
| 2025-04-17 | CVE-2025-42921 | Improper Validation of Certificate with Host Mismatch vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin | 6.5 |
| 2025-04-17 | CVE-2025-43013 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible | 7.5 |
| 2024-02-06 | CVE-2024-24943 | Resource Exhaustion vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image | 5.5 |
| 2023-04-28 | CVE-2022-48481 | Unspecified vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | 7.8 |
| 2020-11-16 | CVE-2020-25207 | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler. | 9.8 |
| 2020-11-16 | CVE-2020-25013 | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler. | 7.5 |
| 2020-08-08 | CVE-2020-15827 | Improper Verification of Cryptographic Signature vulnerability in Jetbrains Toolbox 1.17/1.17.6802 In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file. | 7.5 |
| 2019-10-31 | CVE-2019-18368 | Unspecified vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escalation was possible. | 7.3 |
| 2019-10-02 | CVE-2019-14959 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 5.9 |