Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Jetbrains Subscribe
Total 359 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-25766 1 Jetbrains 1 Youtrack 2021-02-08 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, improper resource access checks were made.
CVE-2021-25762 1 Jetbrains 1 Ktor 2021-02-08 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible.
CVE-2020-35667 1 Jetbrains 1 Teamcity 2021-02-05 5.0 MEDIUM 7.5 HIGH
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
CVE-2020-25208 1 Jetbrains 1 Youtrack 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
CVE-2021-25763 1 Jetbrains 1 Ktor 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
CVE-2021-25769 1 Jetbrains 1 Youtrack 2021-02-05 5.0 MEDIUM 7.5 HIGH
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.
CVE-2021-25774 1 Jetbrains 1 Teamcity 2021-02-05 4.0 MEDIUM 4.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25770 1 Jetbrains 1 Youtrack 2021-02-05 7.5 HIGH 9.8 CRITICAL
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution.
CVE-2021-25756 1 Jetbrains 1 Intellij Idea 2021-02-05 5.0 MEDIUM 5.3 MEDIUM
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.
CVE-2021-25757 1 Jetbrains 1 Hub 2021-02-04 5.8 MEDIUM 6.1 MEDIUM
In JetBrains Hub before 2020.1.12629, an open redirect was possible.
CVE-2021-25765 1 Jetbrains 1 Youtrack 2021-02-04 6.8 MEDIUM 8.8 HIGH
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.
CVE-2021-25772 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
CVE-2021-25776 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 7.5 HIGH
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
CVE-2021-25777 1 Jetbrains 1 Teamcity 2021-02-04 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
CVE-2021-25773 1 Jetbrains 1 Teamcity 2021-02-04 4.3 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
CVE-2019-12157 1 Jetbrains 2 Teamcity, Upsource 2021-01-26 10.0 HIGH 9.8 CRITICAL
In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands.
CVE-2020-27629 1 Jetbrains 1 Teamcity 2020-12-01 5.0 MEDIUM 5.3 MEDIUM
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
CVE-2020-26129 1 Jetbrains 1 Ktor 2020-12-01 6.4 MEDIUM 6.5 MEDIUM
In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible.
CVE-2020-27627 1 Jetbrains 1 Teamcity 2020-12-01 5.8 MEDIUM 6.1 MEDIUM
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
CVE-2020-27623 1 Jetbrains 1 Ideavim 2020-11-30 5.0 MEDIUM 7.5 HIGH
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.