jetbrains

582 tracked vulnerabilities.

CVE-2025-29903 MEDIUM
JetBrains Runtime <21.0.6b872.80 - Code Injection
Mar 12, 2025
CVSS 5.2
EPSS 0.00
CVE-2025-26493 MEDIUM
JetBrains TeamCity < 2024.12.2 - DOM-based Cross-Site Scripting on Code Inspection Report Tab
Feb 11, 2025
CVSS 4.6
EPSS 0.00
CVE-2025-26492 HIGH
JetBrains TeamCity < 2024.12.2 - Insufficiently Protected Kubernetes Credentials
Feb 11, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-23385 HIGH
JetBrains dotTrace, ReSharper, Rider < 2024.1.7 & ETW Host Service < 16.43 - Local Privilege Escalation
Jan 28, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-24461 MEDIUM
JetBrains TeamCity < 2024.12.1 - Unauthenticated Decryption of Connection Secrets via Test Connection Endpoint
Jan 21, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24460 MEDIUM
JetBrains TeamCity < 2024.12.1 - Unauthenticated Project Name Disclosure via Agent Pool
Jan 21, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24459 MEDIUM
JetBrains TeamCity < 2024.12.1 - Reflected Cross-Site Scripting on Vault Connection Page
Jan 21, 2025
CVSS 4.6
EPSS 0.03
CVE-2025-24458 HIGH
JetBrains YouTrack < 2024.3.55417 - Account Takeover via Spoofed Email and Helpdesk Integration
Jan 21, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-24457 MEDIUM
JetBrains YouTrack < 2024.3.55417 - Sensitive Information Exposure via Log File Insertion
Jan 21, 2025
CVSS 5.5
EPSS 0.01
CVE-2025-24456 MEDIUM
JetBrains Hub < 2024.3.55417 - Privilege Escalation via LDAP Authentication Mapping
Jan 21, 2025
CVSS 6.7
EPSS 0.00
CVE-2024-56356 MEDIUM
JetBrains TeamCity < 2024.12 - XML External Entity Injection via Insecure XML Parser Configuration
Dec 20, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-56355 MEDIUM
JetBrains TeamCity < 2024.12 - Cross-Site Scripting via RemoteBuildLogController Response
Dec 20, 2024
CVSS 4.6
EPSS 0.01
CVE-2024-56354 MEDIUM
JetBrains TeamCity < 2024.12 - Insufficiently Protected Credentials
Dec 20, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-56353 MEDIUM
JetBrains TeamCity <2024.12 - Info Disclosure
Dec 20, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-56352 MEDIUM
JetBrains TeamCity < 2024.12 - Stored Cross-Site Scripting via Agent Image Name
Dec 20, 2024
CVSS 4.6
EPSS 0.01
CVE-2024-56351 MEDIUM
JetBrains TeamCity < 2024.12 - Insufficient Session Expiration
Dec 20, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-56350 MEDIUM
JetBrains TeamCity < 2024.12 - Unauthorized Project Access via Build Credentials
Dec 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-56349 MEDIUM
JetBrains TeamCity < 2024.12 - Unauthenticated Build Log Modification
Dec 20, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-56348 MEDIUM
JetBrains TeamCity < 2024.12 - Incorrect Authorization
Dec 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-54158 LOW
JetBrains YouTrack <2024.3.52635 - Open Redirect
Dec 04, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-54157 MEDIUM
JetBrains YouTrack <2024.3.52635 - DoS
Dec 04, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-54156 MEDIUM
JetBrains YouTrack <2024.3.52635 - Prototype Pollution
Dec 04, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-54155 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
Dec 04, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-54154 HIGH
JetBrains YouTrack <2024.3.51866 - Path Traversal
Dec 04, 2024
CVSS 8.0
EPSS 0.01
CVE-2024-54153 LOW
JetBrains YouTrack <2024.3.51866 - Info Disclosure
Dec 04, 2024
CVSS 3.1
EPSS 0.00