Vulnerabilidades em JetBrains
325 resultadosCVE-2023-43566LOWIn JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configurationEPSS 0.9%CVE-2023-38061MEDIUMIn JetBrains TeamCity before 2023.05.1 stored XSS when using a custom theme was possibleEPSS 0.9%CVE-2023-38065MEDIUMIn JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possibleEPSS 0.9%CVE-2023-38063MEDIUMIn JetBrains TeamCity before 2023.05.1 stored XSS while running custom builds was possibleEPSS 0.9%CVE-2025-31139MEDIUMIn JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build logEPSS 0.9%CVE-2026-25846MEDIUMIn JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logsEPSS 0.9%CVE-2022-29930HIGHSHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1.EPSS 0.8%CVE-2025-46432MEDIUMIn JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logsEPSS 0.8%CVE-2024-56355MEDIUMIn JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSSEPSS 0.8%CVE-2024-56352MEDIUMIn JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details pageEPSS 0.8%CVE-2025-59457HIGHIn JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on WindowsEPSS 0.8%CVE-2022-48476HIGHIn JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible
EPSS 0.8%CVE-2024-24938MEDIUMIn JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentationEPSS 0.7%CVE-2025-57734MEDIUMIn JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script filesEPSS 0.7%CVE-2025-52875MEDIUMIn JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possibleEPSS 0.7%CVE-2024-54154HIGHIn JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in plugin sandboxEPSS 0.7%CVE-2025-54534MEDIUMIn JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset pageEPSS 0.7%CVE-2025-67742LOWIn JetBrains TeamCity before 2025.11 path traversal was possible via file uploadEPSS 0.7%CVE-2026-49377MEDIUMIn JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parametersEPSS 0.7%CVE-2025-43012HIGHIn JetBrains Toolbox App before 2.6 command injection in SSH plugin was possibleEPSS 0.7%