Filtered by vendor Jetbrains
Subscriptions
Total
404 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-45977 | 1 Jetbrains | 7 Clion, Goland, Intellij Idea and 4 more | 2024-11-21 | 9.8 Critical |
| JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address. The fixed versions are: IntelliJ IDEA 2021.3.1, PyCharm Professional 2021.3.1, GoLand 2021.3.2, PhpStorm 2021.3.1 (213.6461.83), RubyMine 2021.3.1, CLion 2021.3.2, and WebStorm 2021.3.1. | ||||
| CVE-2021-43203 | 1 Jetbrains | 1 Ktor | 2024-11-21 | 7.5 High |
| In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly. | ||||
| CVE-2021-43202 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 9.8 Critical |
| In JetBrains TeamCity before 2021.1.3, the X-Frame-Options header is missing in some cases. | ||||
| CVE-2021-43201 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project. | ||||
| CVE-2021-43200 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 9.8 Critical |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient. | ||||
| CVE-2021-43199 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient. | ||||
| CVE-2021-43198 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.4 Medium |
| In JetBrains TeamCity before 2021.1.2, stored XSS is possible. | ||||
| CVE-2021-43197 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 6.1 Medium |
| In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS. | ||||
| CVE-2021-43196 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 7.5 High |
| In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible. | ||||
| CVE-2021-43195 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing. | ||||
| CVE-2021-43194 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.1.2, user enumeration was possible. | ||||
| CVE-2021-43193 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 9.8 Critical |
| In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible. | ||||
| CVE-2021-43192 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-11-21 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, iOS URL scheme hijacking is possible. | ||||
| CVE-2021-43191 | 3 Apple, Google, Jetbrains | 3 Iphone Os, Android, Youtrack Mobile | 2024-11-21 | 5.3 Medium |
| JetBrains YouTrack Mobile before 2021.2, is missing the security screen on Android and iOS. | ||||
| CVE-2021-43190 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2024-11-21 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, task hijacking on Android is possible. | ||||
| CVE-2021-43189 | 2 Google, Jetbrains | 2 Android, Youtrack Mobile | 2024-11-21 | 7.3 High |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on Android is incomplete. | ||||
| CVE-2021-43188 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-11-21 | 7.3 High |
| In JetBrains YouTrack Mobile before 2021.2, access token protection on iOS is incomplete. | ||||
| CVE-2021-43187 | 2 Apple, Jetbrains | 2 Iphone Os, Youtrack Mobile | 2024-11-21 | 5.3 Medium |
| In JetBrains YouTrack Mobile before 2021.2, the client-side cache on iOS could contain sensitive information. | ||||
| CVE-2021-43186 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.4 Medium |
| JetBrains YouTrack before 2021.3.24402 is vulnerable to stored XSS. | ||||
| CVE-2021-43185 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 9.8 Critical |
| JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | ||||