Vulnerabilities > Jetbrains > Toolbox > 1.13

DATE CVE VULNERABILITY TITLE RISK
2025-04-17 CVE-2025-43014 Missing Critical Step in Authentication vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
network
low complexity
jetbrains CWE-304
6.5
2025-04-17 CVE-2025-42921 Improper Validation of Certificate with Host Mismatch vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
network
low complexity
jetbrains CWE-297
6.5
2025-04-17 CVE-2025-43013 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
network
low complexity
jetbrains CWE-319
7.5
2024-02-06 CVE-2024-24943 Resource Exhaustion vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
local
low complexity
jetbrains CWE-400
5.5
2023-04-28 CVE-2022-48481 Unspecified vulnerability in Jetbrains Toolbox
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible
local
low complexity
jetbrains
7.8
2020-11-16 CVE-2020-25207 Unspecified vulnerability in Jetbrains Toolbox
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
network
low complexity
jetbrains
critical
9.8
2020-11-16 CVE-2020-25013 Unspecified vulnerability in Jetbrains Toolbox
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
network
low complexity
jetbrains
7.5
2019-10-02 CVE-2019-14959 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
network
high complexity
jetbrains CWE-319
5.9