Vulnerabilities (CVE)

Filtered by vendor Jetbrains Subscribe
Total 396 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38180 1 Jetbrains 1 Ktor 2024-02-28 N/A 6.5 MEDIUM
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases
CVE-2022-44622 1 Jetbrains 1 Teamcity 2024-02-28 N/A 5.3 MEDIUM
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
CVE-2022-44623 1 Jetbrains 1 Teamcity 2024-02-28 N/A 7.5 HIGH
In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
CVE-2022-44646 1 Jetbrains 1 Teamcity 2024-02-28 N/A 5.3 MEDIUM
In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings
CVE-2022-38133 1 Jetbrains 1 Teamcity 2024-02-28 N/A 5.3 MEDIUM
In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases
CVE-2022-37396 1 Jetbrains 1 Rider 2024-02-28 N/A 7.8 HIGH
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution
CVE-2022-37009 1 Jetbrains 1 Intellij Idea 2024-02-28 N/A 7.8 HIGH
In JetBrains IntelliJ IDEA before 2022.2 local code execution via a Vagrant executable was possible
CVE-2022-36321 1 Jetbrains 1 Teamcity 2024-02-28 N/A 6.5 MEDIUM
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases
CVE-2022-38179 1 Jetbrains 1 Ktor 2024-02-28 N/A 6.1 MEDIUM
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack
CVE-2022-40979 1 Jetbrains 1 Teamcity 2024-02-28 N/A 5.3 MEDIUM
In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
CVE-2022-37010 1 Jetbrains 1 Intellij Idea 2024-02-28 N/A 3.3 LOW
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not Defined" dialog was missed
CVE-2022-44624 1 Jetbrains 1 Teamcity 2024-02-28 N/A 7.5 HIGH
In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters
CVE-2022-25262 1 Jetbrains 1 Hub 2024-02-28 7.5 HIGH 9.8 CRITICAL
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
CVE-2022-24347 1 Jetbrains 1 Youtrack 2024-02-28 3.5 LOW 5.4 MEDIUM
JetBrains YouTrack before 2021.4.36872 was vulnerable to stored XSS via a project icon.
CVE-2022-24339 1 Jetbrains 1 Teamcity 2024-02-28 3.5 LOW 5.4 MEDIUM
JetBrains TeamCity before 2021.2.1 was vulnerable to stored XSS.
CVE-2022-24334 1 Jetbrains 1 Teamcity 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server.
CVE-2022-29927 1 Jetbrains 1 Teamcity 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible
CVE-2022-24332 1 Jetbrains 1 Teamcity 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie.
CVE-2022-29820 1 Jetbrains 1 Pycharm 2024-02-28 3.3 LOW 3.5 LOW
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
CVE-2022-24342 1 Jetbrains 1 Teamcity 2024-02-28 6.8 MEDIUM 8.8 HIGH
In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible.