Jetbrains: Security Vulnerabilities
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
CVSS Score
6.1
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
CVSS Score
5.3
EPSS Score
0.001
Published
2024-02-06
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
CVSS Score
5.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
CVSS Score
3.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
CVSS Score
2.8
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
CVSS Score
9.8
EPSS Score
0.944
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-06
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVSS Score
4.6
EPSS Score
0.285
Published
2024-02-06
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
CVSS Score
4.6
EPSS Score
0.212
Published
2024-01-09