Vulnerabilidades em JetBrains

325 resultados
CVE-2024-43807MEDIUMIn JetBrains TeamCity before 2024.07.1 multiple stored XSS was possible on Clouds pageEPSS 0.3%CVE-2023-50870MEDIUMIn JetBrains TeamCity before 2023.11.1 a CSRF on login was possibleEPSS 0.3%CVE-2025-31141LOWIn JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles pageEPSS 0.3%CVE-2023-41250LOWIn JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registrationEPSS 0.3%CVE-2022-28651HIGHIn JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fieldsEPSS 0.3%CVE-2024-24941MEDIUMIn JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URLEPSS 0.3%CVE-2022-48342MEDIUMIn JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.EPSS 0.3%CVE-2024-38506MEDIUMIn JetBrains YouTrack before 2024.2.34646 user without appropriate permissions could enable the auto-attach option for workflowsEPSS 0.3%CVE-2025-47850MEDIUMIn JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloningEPSS 0.3%CVE-2023-41248MEDIUMIn JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configurationEPSS 0.3%CVE-2024-41826LOWIn JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection pageEPSS 0.3%CVE-2024-24936MEDIUMIn JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missedEPSS 0.3%CVE-2025-29904MEDIUMIn JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was possibleEPSS 0.3%CVE-2024-54156MEDIUMIn JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype pollution attackEPSS 0.3%CVE-2024-56353MEDIUMIn JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookiesEPSS 0.3%CVE-2024-47161MEDIUMIn JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST APIEPSS 0.3%CVE-2025-24461MEDIUMIn JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpointEPSS 0.3%CVE-2024-54158LOWIn JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of Punycode encodingEPSS 0.3%CVE-2024-50577MEDIUMIn JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settingsEPSS 0.3%CVE-2023-45613MEDIUMIn JetBrains Ktor before 2.3.5 server certificates were not verifiedEPSS 0.3%