Vulnerabilities > Jetbrains > Toolbox > 1.13
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-17 | CVE-2025-43014 | Missing Critical Step in Authentication vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation | 6.5 |
| 2025-04-17 | CVE-2025-42921 | Improper Validation of Certificate with Host Mismatch vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin | 6.5 |
| 2025-04-17 | CVE-2025-43013 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible | 7.5 |
| 2024-02-06 | CVE-2024-24943 | Resource Exhaustion vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image | 5.5 |
| 2023-04-28 | CVE-2022-48481 | Unspecified vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible | 7.8 |
| 2020-11-16 | CVE-2020-25207 | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler. | 9.8 |
| 2020-11-16 | CVE-2020-25013 | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler. | 7.5 |
| 2019-10-02 | CVE-2019-14959 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 5.9 |