Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-12866
An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168.
Jetbrains Youtrack
8.8
CVSSv3
CVE-2019-15040
JetBrains YouTrack versions prior to 2019.1 had a CSRF vulnerability on the settings page.
Jetbrains Youtrack
6.1
CVSSv3
CVE-2019-15041
JetBrains YouTrack versions prior to 2019.1.52545 allowed unbounded URL whitelisting because of Inclusion of Functionality from an Untrusted Control Sphere.
Jetbrains Youtrack
8.8
CVSSv3
CVE-2022-36322
In JetBrains TeamCity prior to 2022.04.2 build parameter injection was possible
Jetbrains Teamcity
5.4
CVSSv3
CVE-2019-19389
JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting.
Jetbrains Ktor
7.5
CVSSv3
CVE-2021-31898
In JetBrains WebStorm prior to 2021.1, HTTP requests were used instead of HTTPS.
Jetbrains Webstorm
7.5
CVSSv3
CVE-2021-31905
In JetBrains YouTrack prior to 2020.6.8801, information disclosure in an issue preview was possible.
Jetbrains Youtrack
9.8
CVSSv3
CVE-2021-31914
In JetBrains TeamCity prior to 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2023-45612
In JetBrains Ktor prior to 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Jetbrains Ktor
9.1
CVSSv3
CVE-2023-45613
In JetBrains Ktor prior to 2.3.5 server certificates were not verified
Jetbrains Ktor
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »