← Back

Jetbrains

jetbrains

564 CVEs • 38 products

Products (38)

Click to collapse
Toggle
Teamcity
teamcity
269 CVEs
Youtrack
youtrack
108 CVEs
Intellij Idea
intellij_idea
62 CVEs
Hub
hub
33 CVEs
Ktor
ktor
21 CVEs
Toolbox
toolbox
11 CVEs
Pycharm
pycharm
9 CVEs
Rider
rider
8 CVEs
Kotlin
kotlin
6 CVEs
Youtrack Mobile
youtrack_mobile
6 CVEs
Upsource
upsource
5 CVEs
Webstorm
webstorm
5 CVEs
Resharper
resharper
4 CVEs
Goland
goland
4 CVEs
Phpstorm
phpstorm
4 CVEs
Rubymine
rubymine
4 CVEs
Space
space
3 CVEs
Code With Me
code_with_me
3 CVEs
Junie
junie
3 CVEs
Mps
mps
2 CVEs
Clion
clion
2 CVEs
Dottrace
dottrace
2 CVEs
Dotpeek
dotpeek
1 CVE
Resharper Ultimate
resharper_ultimate
1 CVE
Youtrack Integration
youtrack_integration
1 CVE
Vim
vim
1 CVE
Idetalk
idetalk
1 CVE
Scala
scala
1 CVE
Ideavim
ideavim
1 CVE
Jetbrains Gateway
jetbrains_gateway
1 CVE
Aqua
aqua
1 CVE
Datagrip
datagrip
1 CVE
Dataspell
dataspell
1 CVE
Rustrover
rustrover
1 CVE
Etw Host Service
etw_host_service
1 CVE
Runtime
runtime
1 CVE
Ide Services
ide_services
1 CVE
Datalore
datalore
1 CVE

CVEs (564)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-29930
1Jetbrains
1Ktor
Nov 21, 2024
May 12, 2022
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.
CVE-2022-29929
1Jetbrains
1Teamcity
Nov 21, 2024
May 12, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible
CVE-2022-29928
1Jetbrains
1Teamcity
Nov 21, 2024
May 12, 2022
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
CVE-2022-29927
1Jetbrains
1Teamcity
Nov 21, 2024
May 12, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible
CVE-2022-29821
1Jetbrains
1Pycharm
Nov 21, 2024
Apr 28, 2022
N/A· v4
7.7 HIGH· v3
4.4 MEDIUM· v2
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible
CVE-2022-29820
1Jetbrains
1Pycharm
Nov 21, 2024
Apr 28, 2022
N/A· v4
3.5 LOW· v3
3.3 LOW· v2
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
CVE-2022-29819
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
7.7 HIGH· v3
4.4 MEDIUM· v2
In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible
CVE-2022-29818
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
7.1 HIGH· v3
3.6 LOW· v2
In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed
CVE-2022-29817
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible
CVE-2022-29816
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
3.2 LOW· v3
2.1 LOW· v2
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible
CVE-2022-29815
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
6.7 MEDIUM· v3
4.6 MEDIUM· v2
In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible
CVE-2022-29814
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
7.7 HIGH· v3
4.4 MEDIUM· v2
In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible
CVE-2022-29813
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
6.7 MEDIUM· v3
4.6 MEDIUM· v2
In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible
CVE-2022-29812
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 28, 2022
N/A· v4
2.3 LOW· v3
2.1 LOW· v2
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient
CVE-2022-29811
1Jetbrains
1Hub
Nov 21, 2024
Apr 28, 2022
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.
CVE-2022-29035
1Jetbrains
1Ktor
Nov 21, 2024
Apr 11, 2022
N/A· v4
2.7 LOW· v3
4.0 MEDIUM· v2
In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations
CVE-2022-28651
1Jetbrains
1Intellij Idea
Nov 21, 2024
Apr 5, 2022
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
CVE-2022-28650
1Jetbrains
1Youtrack
Nov 21, 2024
Apr 5, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
CVE-2022-28649
1Jetbrains
1Youtrack
Nov 21, 2024
Apr 5, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
CVE-2022-28648
1Jetbrains
1Youtrack
Nov 21, 2024
Apr 5, 2022
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered