Vulnerabilities > Jetbrains > Toolbox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-17 | CVE-2025-43014 | Missing Critical Step in Authentication vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation | 6.5 |
| 2025-04-17 | CVE-2025-42921 | Improper Validation of Certificate with Host Mismatch vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin | 6.5 |
| 2024-02-06 | CVE-2024-24943 | Resource Exhaustion vulnerability in Jetbrains Toolbox In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image | 5.5 |
| 2019-10-02 | CVE-2019-14959 | Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 5.9 |