Vulnerabilities (CVE)

Filtered by vendor Jetbrains Subscribe
Total 398 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-29582 2 Jetbrains, Oracle 4 Kotlin, Communications Cloud Native Core Network Slice Selection Function, Communications Cloud Native Core Policy and 1 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions.
CVE-2020-27629 1 Jetbrains 1 Teamcity 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
CVE-2020-27628 1 Jetbrains 1 Teamcity 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
CVE-2020-27627 1 Jetbrains 1 Teamcity 2024-11-21 5.8 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
CVE-2020-27626 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
CVE-2020-27625 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVE-2020-27624 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
CVE-2020-27623 1 Jetbrains 1 Ideavim 2024-11-21 5.0 MEDIUM 7.5 HIGH
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.
CVE-2020-27622 1 Jetbrains 1 Intellij Idea 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
CVE-2020-26129 1 Jetbrains 1 Ktor 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.
CVE-2020-25210 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
CVE-2020-25209 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 7.5 HIGH
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVE-2020-25208 1 Jetbrains 1 Youtrack 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
CVE-2020-25207 1 Jetbrains 1 Toolbox 2024-11-21 10.0 HIGH 9.8 CRITICAL
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
CVE-2020-25013 1 Jetbrains 1 Toolbox 2024-11-21 5.0 MEDIUM 7.5 HIGH
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
CVE-2020-24618 1 Jetbrains 1 Youtrack 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVE-2020-24366 1 Jetbrains 1 Youtrack 2024-11-21 2.1 LOW 3.3 LOW
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
CVE-2020-15831 1 Jetbrains 1 Teamcity 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
CVE-2020-15830 1 Jetbrains 1 Teamcity 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
CVE-2020-15829 1 Jetbrains 1 Teamcity 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.