Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
CVSS Score
3.3
EPSS Score
0.0
Published
2020-11-16
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-11-16
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
CVSS Score
9.8
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-11-16
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
CVSS Score
7.3
EPSS Score
0.0
Published
2020-10-19
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019.2.65515, and 2019.3.65516, an attacker can retrieve an issue description without appropriate access.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-08-27
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
CVSS Score
5.3
EPSS Score
0.0
Published
2020-08-08
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
CVSS Score
6.5
EPSS Score
0.0
Published
2020-08-08