Vulnerabilities > Jetbrains > Youtrack > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-50574 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
network
low complexity
jetbrains
7.5
2024-06-18 CVE-2024-38505 Insufficiently Protected Credentials vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site
network
low complexity
jetbrains CWE-522
7.5
2024-06-18 CVE-2024-38506 Missing Authorization vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows
network
low complexity
jetbrains CWE-862
8.1
2023-07-12 CVE-2023-38068 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms
network
low complexity
jetbrains
7.3
2023-06-12 CVE-2023-35053 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms
network
low complexity
jetbrains
7.5
2021-08-06 CVE-2021-37550 Incorrect Comparison vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.
network
low complexity
jetbrains CWE-697
7.5
2021-08-06 CVE-2021-37553 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.
network
low complexity
jetbrains CWE-338
7.5
2021-05-11 CVE-2021-31902 Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly.
network
low complexity
jetbrains CWE-732
7.5
2021-05-11 CVE-2021-31905 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible.
network
low complexity
jetbrains
7.5
2021-02-03 CVE-2021-25769 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
network
low complexity
jetbrains
7.5