Jetbrains: Security Vulnerabilities
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
CVSS Score
4.3
EPSS Score
0.0
Published
2020-11-16
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
CVSS Score
3.3
EPSS Score
0.0
Published
2020-11-16
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-11-16
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
CVSS Score
9.8
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVSS Score
7.3
EPSS Score
0.0
Published
2020-10-19