Vulnerabilities > Jetbrains > Youtrack > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-28 | CVE-2024-50574 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality | 7.5 |
2024-06-18 | CVE-2024-38505 | Insufficiently Protected Credentials vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site | 7.5 |
2024-06-18 | CVE-2024-38506 | Missing Authorization vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows | 8.1 |
2023-07-12 | CVE-2023-38068 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2023.1.16597 captcha was not properly validated for Helpdesk forms | 7.3 |
2023-06-12 | CVE-2023-35053 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2023.1.10518 a DoS attack was possible via Helpdesk forms | 7.5 |
2021-08-06 | CVE-2021-37550 | Incorrect Comparison vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used. | 7.5 |
2021-08-06 | CVE-2021-37553 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. | 7.5 |
2021-05-11 | CVE-2021-31902 | Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was implemented improperly. | 7.5 |
2021-05-11 | CVE-2021-31905 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.6.8801, information disclosure in an issue preview was possible. | 7.5 |
2021-02-03 | CVE-2021-25769 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments. | 7.5 |