Jetbrains

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-25776 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
CVE-2021-25775 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 3.8 LOW· v3 5.5 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
CVE-2021-25774 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25773 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
CVE-2021-25772 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
CVE-2021-25771 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 4.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed.
CVE-2021-25770 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25769 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25768 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.
CVE-2021-25767 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution.
CVE-2021-25766 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25765 1Jetbrains 1Youtrack Nov 21, 2024 Feb 3, 2021 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2021-25763 1Jetbrains 1Ktor Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
CVE-2021-25762 1Jetbrains 1Ktor Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
CVE-2021-25761 1Jetbrains 1Ktor Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
CVE-2021-25760 1Jetbrains 1Hub Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.
CVE-2021-25759 1Jetbrains 1Hub Nov 21, 2024 Feb 3, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other user.
CVE-2021-25758 1Jetbrains 1Intellij Idea Nov 21, 2024 Feb 3, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to local code execution.
CVE-2021-25757 1Jetbrains 1Hub Nov 21, 2024 Feb 3, 2021 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 In JetBrains Hub before 2020.1.12629, an open redirect was possible.
CVE-2021-25756 1Jetbrains 1Intellij Idea Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.

Previous 1...212223...29 Next