Vulnerabilities (CVE)

Filtered by vendor Jetbrains Subscribe
Total 396 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25757 1 Jetbrains 1 Hub 2024-02-28 5.8 MEDIUM 6.1 MEDIUM
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
CVE-2021-25769 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 7.5 HIGH
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25760 1 Jetbrains 1 Hub 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
CVE-2020-27624 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
CVE-2021-25775 1 Jetbrains 1 Teamcity 2024-02-28 5.5 MEDIUM 3.8 LOW
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
CVE-2021-25766 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2020-27625 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVE-2021-25764 1 Jetbrains 1 Phpstorm 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs.
CVE-2021-25756 1 Jetbrains 1 Intellij Idea 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVE-2020-25209 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 7.5 HIGH
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVE-2021-25778 1 Jetbrains 1 Teamcity 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
CVE-2020-24618 1 Jetbrains 1 Youtrack 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVE-2020-15823 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 7.5 HIGH
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
CVE-2020-11692 1 Jetbrains 1 Youtrack 2024-02-28 4.0 MEDIUM 2.7 LOW
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators.
CVE-2020-11694 2 Jetbrains, Microsoft 2 Pycharm, Windows 2024-02-28 5.0 MEDIUM 7.5 HIGH
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included. This is fixed in 2019.2.6 and 2019.3.3.
CVE-2020-11687 1 Jetbrains 1 Teamcity 2024-02-28 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.
CVE-2020-15830 1 Jetbrains 1 Teamcity 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
CVE-2020-15829 1 Jetbrains 1 Teamcity 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
CVE-2020-15824 2 Jetbrains, Oracle 3 Kotlin, Banking Extensibility Workbench, Communications Cloud Native Core Policy 2024-02-28 6.5 MEDIUM 8.8 HIGH
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
CVE-2020-15819 1 Jetbrains 1 Youtrack 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.