Filtered by vendor Jetbrains
Subscriptions
Total
382 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7907 | 1 Jetbrains | 1 Scala | 2024-08-04 | 7.5 High |
| In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. | ||||
| CVE-2020-7911 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 6.1 Medium |
| In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. | ||||
| CVE-2020-7905 | 1 Jetbrains | 1 Intellij Idea | 2024-08-04 | 7.5 High |
| Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network. | ||||
| CVE-2020-7909 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 7.5 High |
| In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. | ||||
| CVE-2020-7906 | 1 Jetbrains | 1 Rider | 2024-08-04 | 7.5 High |
| In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3. | ||||
| CVE-2020-5207 | 1 Jetbrains | 1 Ktor | 2024-08-04 | 5.4 Medium |
| In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. | ||||
| CVE-2021-45977 | 1 Jetbrains | 7 Clion, Goland, Intellij Idea and 4 more | 2024-08-04 | 9.8 Critical |
| JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address. The fixed versions are: IntelliJ IDEA 2021.3.1, PyCharm Professional 2021.3.1, GoLand 2021.3.2, PhpStorm 2021.3.1 (213.6461.83), RubyMine 2021.3.1, CLion 2021.3.2, and WebStorm 2021.3.1. | ||||
| CVE-2021-43187 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. | ||||
| CVE-2021-43188 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 7.3 High |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. | ||||
| CVE-2021-43194 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, user enumeration was possible. | ||||
| CVE-2021-43181 | 1 Jetbrains | 1 Hub | 2024-08-04 | 6.1 Medium |
| In JetBrains Hub before 2021.1.13690, stored XSS is possible. | ||||
| CVE-2021-43191 | 3 Apple, Google, Jetbrains | 3 Iphone Os, Android, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. | ||||
| CVE-2021-43180 | 1 Jetbrains | 1 Hub | 2024-08-04 | 7.5 High |
| In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible. | ||||
| CVE-2021-43192 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. | ||||
| CVE-2021-43198 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 5.4 Medium |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | ||||
| CVE-2021-43189 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2024-08-04 | 7.3 High |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. | ||||
| CVE-2021-43190 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2024-08-04 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. | ||||
| CVE-2021-43184 | 1 Jetbrains | 1 Youtrack | 2024-08-04 | 5.4 Medium |
| In JetBrains YouTrack before 2021.3.21051, stored XSS is possible. | ||||
| CVE-2021-43196 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 7.5 High |
| In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible. | ||||
| CVE-2021-43201 | 1 Jetbrains | 1 Teamcity | 2024-08-04 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | ||||