Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
CVSS Score
7.4
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
CVSS Score
2.6
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
CVSS Score
3.5
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
CVSS Score
6.4
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVSS Score
4.6
EPSS Score
0.245
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
CVSS Score
3.5
EPSS Score
0.001
Published
2024-07-22
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
CVSS Score
4.1
EPSS Score
0.0
Published
2024-07-01
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
CVSS Score
5.0
EPSS Score
0.0
Published
2024-07-01
In JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflows
CVSS Score
6.3
EPSS Score
0.0
Published
2024-06-18
In JetBrains Hub before 2024.2.34646 stored XSS via project description was possible
CVSS Score
3.5
EPSS Score
0.001
Published
2024-06-18