Jetbrains: Security Vulnerabilities
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
CVSS Score
2.7
EPSS Score
0.0
Published
2025-03-27
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-27
In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
CVSS Score
4.6
EPSS Score
0.174
Published
2025-03-27
In JetBrains GoLand before 2025.1 an XXE during debugging was possible
CVSS Score
4.1
EPSS Score
0.0
Published
2025-03-25
In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possible
CVSS Score
5.3
EPSS Score
0.0
Published
2025-03-12
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible
CVSS Score
5.2
EPSS Score
0.0
Published
2025-03-12
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVSS Score
7.7
EPSS Score
0.0
Published
2025-02-11
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab
CVSS Score
4.6
EPSS Score
0.157
Published
2025-02-11
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible
CVSS Score
7.8
EPSS Score
0.0
Published
2025-01-28
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVSS Score
4.3
EPSS Score
0.0
Published
2025-01-21