jetbrains

543 tracked vulnerabilities.

CVE-2024-56352 MEDIUM
JetBrains TeamCity < 2024.12 - Stored Cross-Site Scripting via Agent Image Name
Dec 20, 2024
CVSS 4.6
EPSS 0.34
CVE-2024-56351 MEDIUM
JetBrains TeamCity < 2024.12 - Insufficient Session Expiration
Dec 20, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-56350 MEDIUM
JetBrains TeamCity < 2024.12 - Unauthorized Project Access via Build Credentials
Dec 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-56349 MEDIUM
JetBrains TeamCity < 2024.12 - Unauthenticated Build Log Modification
Dec 20, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-56348 MEDIUM
JetBrains TeamCity < 2024.12 - Incorrect Authorization
Dec 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-54158 LOW
JetBrains YouTrack <2024.3.52635 - Open Redirect
Dec 04, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-54157 MEDIUM
JetBrains YouTrack <2024.3.52635 - DoS
Dec 04, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-54156 MEDIUM
JetBrains YouTrack <2024.3.52635 - Prototype Pollution
Dec 04, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-54155 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
Dec 04, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-54154 HIGH
JetBrains YouTrack <2024.3.51866 - Path Traversal
Dec 04, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-54153 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
Dec 04, 2024
CVSS 3.1
EPSS 0.00
CVE-2024-52555 MEDIUM
JetBrains WebStorm < 2024.3.0 - Remote Code Execution via Type Definitions Installer Script
Nov 15, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-50582 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Stored Cross-Site Scripting in Markdown Elements
Oct 28, 2024
CVSS 4.6
EPSS 0.22
CVE-2024-50581 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Cross-Site Scripting via Comment Tag
Oct 28, 2024
CVSS 4.6
EPSS 0.22
CVE-2024-50580 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Stored Cross-Site Scripting via Markdown Parsing
Oct 28, 2024
CVSS 4.6
EPSS 0.24
CVE-2024-50579 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Reflected Cross-Site Scripting via Insecure Link Sanitization
Oct 28, 2024
CVSS 4.6
EPSS 0.08
CVE-2024-50578 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Stored Cross-Site Scripting via Sprint Value on Agile Boards Page
Oct 28, 2024
CVSS 4.6
EPSS 0.22
CVE-2024-50577 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Stored Cross-Site Scripting via Angular Template Injection in Hub Settings
Oct 28, 2024
CVSS 4.6
EPSS 0.17
CVE-2024-50576 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Stored Cross-Site Scripting via Vendor URL in App Manifest
Oct 28, 2024
CVSS 4.6
EPSS 0.22
CVE-2024-50575 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Reflected Cross-Site Scripting via Widget API
Oct 28, 2024
CVSS 5.4
EPSS 0.08
CVE-2024-50574 MEDIUM
JetBrains YouTrack < 2024.3.47707 - Denial of Service via Email Header Parsing
Oct 28, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-50573 MEDIUM
JetBrains Hub < 2024.3.47707 - Missing Authorization for Permanent Token Generation
Oct 28, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-49580 MEDIUM
JetBrains Ktor <2.3.13 - Info Disclosure
Oct 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49579 HIGH
JetBrains YouTrack <2024.3.47197 - XSS
Oct 17, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-48902 MEDIUM
JetBrains YouTrack < 2024.3.46677 - Unauthorized Application Deletion via API
Oct 10, 2024
CVSS 5.4
EPSS 0.00
Products
teamcity 258 youtrack 103 intellij_idea 58 hub 33 ktor 21 toolbox 11 pycharm 8 rider 8 kotlin 6 youtrack_mobile 6 upsource 5 webstorm 5 goland 4 phpstorm 4 resharper 4 rubymine 4 code_with_me 3 junie 3 space 3 TeamCity 2 clion 2 dottrace 2 mps 2 Datalore 1 IntelliJ IDEA 1 Junie 1 YouTrack 1 aqua 1 datagrip 1 datalore 1
Quick Filters
Critical CVEs With Exploits In CISA KEV