Jetbrains Latest Vulnerabilities
September 16
HTML Injection Vulnerability in JetBrains IntelliJ IDEA Before 2024.1
CVE-2024-46970
JetbrainsIntellij Idea3.3LOW
August 16
XSS vulnerability in TeamCity agentPushPreset page
CVE-2024-43809
JetBrainsTeamcity6.1MEDIUM
Self-XSS vulnerability in JetBrains TeamCity 2024.07.1 HashiCorp Vault plugin
CVE-2024-43808
JetBrainsTeamcity5.4MEDIUM
XSS vulnerability in TeamCity's AWS Core plugin
CVE-2024-43810
JetBrainsTeamcity5.4MEDIUM
Stored XSS vulnerability in TeamCity Clouds page
CVE-2024-43807
JetBrainsTeamcity5.4MEDIUM
August 6
Potential Privilege Escalation in TeamCity Before 2024.07.1
CVE-2024-43114
JetbrainsTeamcity7.8HIGH
July 22
Code Inspection Vulnerability in TeamCity Before 2024.07
CVE-2024-41825
JetBrainsTeamcity5.4MEDIUM
TeamCity OAuth Code Theft Vulnerability
CVE-2024-41829
JetBrainsTeamcity7.5HIGH
XSS vulnerability found in TeamCity before 2024.07
CVE-2024-41826
JetBrainsTeamcity4.8MEDIUM
Authorization Token Comparison Took Non-Constant Time in Previous Versions of TeamCity
CVE-2024-41828
JetBrainsTeamcity6.5MEDIUM
Password Leaks in TeamCity Build Logs
CVE-2024-41824
JetbrainsTeamcity6.5MEDIUM
Access Tokens Persisted After Deletion or Expiration in Previous JetBrains TeamCity Versions
CVE-2024-41827
JetbrainsTeamcity9.8CRITICAL
July 1
TeamCity Application Token Exposure in EC2 Cloud Profile Settings
CVE-2024-39879
JetbrainsTeamcity5MEDIUM
Private Key Exposure in TeamCity Before 2024.03.3
CVE-2024-39878
JetbrainsTeamcity4.1MEDIUM
June 18
XSS vulnerability in JetBrains Hub project descriptions
CVE-2024-38507
JetbrainsHub5.4MEDIUM
Auto-attach vulnerability in YouTrack before 2024.2.34646
CVE-2024-38506
JetbrainsYoutrack8.1HIGH
YouTrack User Access Tokens Vulnerability
CVE-2024-38505
JetbrainsYoutrack7.5HIGH
Guest User Account Attachment Vulnerability
CVE-2024-38504
JetbrainsYoutrack5.3MEDIUM
June 10
CVE-2024-37051
JetbrainsIntellij Idea👾7.5HIGH
May 29
Authentication Bypass Vulnerability in JetBrains TeamCity
CVE-2024-36470
JetbrainsTeamcity8.1HIGH
TeamCity Vulnerable to DoS Attacks via Incorrect Auth Tokens
CVE-2024-36378
JetbrainsTeamcity5.9MEDIUM
CVE-2024-36377
JetbrainsTeamcity6.5MEDIUM
Unauthorized Actions in TeamCity Before 2024.03.2
CVE-2024-36376
JetbrainsTeamcity6.5MEDIUM
TeamCity Server Security Vulnerability
CVE-2024-36375
JetbrainsTeamcity5.3MEDIUM
XSS vulnerability in TeamCity build step settings
CVE-2024-36374
JetbrainsTeamcity4.6MEDIUM
Stored XSS vulnerability in TeamCity untrusted builds settings
CVE-2024-36373
JetbrainsTeamcity4.6MEDIUM
XSS vulnerability in TeamCity subscriptions page
CVE-2024-36372
JetbrainsTeamcity4.6MEDIUM
Stored XSS vulnerability in Commit status publisher
CVE-2024-36371
JetbrainsTeamcity4.6MEDIUM
Stored XSS via OAuth Connection Settings in JetBrains TeamCity Before 2022.04.6, 2022.10.5, 2023.05.5, and 2023.11.5
CVE-2024-36370
JetbrainsTeamcity4.6MEDIUM
Stored XSS via Issue Tracker Integration in JetBrains TeamCity Before 2022.04.6, 2022.10.5, 2023.05.5, and 2023.11.5
CVE-2024-36369
JetbrainsTeamcity4.6MEDIUM
XSS via OAuth Provider Configuration in JetBrains TeamCity Before 2022.04.6, 2022.10.5, 2023.05.5, and 2023.11.5
CVE-2024-36368
JetbrainsTeamcity4.6MEDIUM
Stored XSS via Third-Party Reports in JetBrains TeamCity Before 2022.04.6, 2022.10.5, 2023.05.5, and 2023.11.5
CVE-2024-36367
JetbrainsTeamcity4.6MEDIUM
XSS vulnerability in TeamCity report grouping and filtering operations
CVE-2024-36366
JetbrainsTeamcity5.4MEDIUM
Third-Party Agent Could Impersonate Cloud Agent in JetBrains TeamCity Before Certain Versions
CVE-2024-36365
JetbrainsTeamcity6.8MEDIUM
Insecure Access Control in Pull Requests and Commit Status Publisher Build Features
CVE-2024-36364
JetbrainsTeamcity6.5MEDIUM
Stored XSS vulnerabilities in TeamCity code inspection reports
CVE-2024-36363
JetbrainsTeamcity4.6MEDIUM
Path Traversal Vulnerability in TeamCity Allows Reading of Server Files
CVE-2024-36362
JetbrainsTeamcity6.5MEDIUM
May 16
Stored XSS vulnerability in TeamCity before 2023.11
CVE-2024-35302
JetbrainsTeamcity5.4MEDIUM
TeamCity Vulnerability: GitHub App Token Scope Not Checked
CVE-2024-35301
JetbrainsTeamcity5.5MEDIUM
Stored XSS Vulnerabilities in TeamCity Available Updates Page
CVE-2024-35300
JetbrainsTeamcity3.5LOW
Certificate Hostname Validation Flaw in YouTrack Before 2024.1.29548
CVE-2024-35299
JetbrainsYoutrack5.9MEDIUM
March 28
Server Administrators Could Remove Arbitrary Files via Installation of Tools
CVE-2024-31140
JetbrainsTeamcity4.1MEDIUM
Maven build steps detector vulnerability
CVE-2024-31139
JetbrainsTeamcity5.9MEDIUM
TeamCity Vulnerability: XSS via Agent Distribution Settings
CVE-2024-31138
JetbrainsTeamcity4.6MEDIUM
TeamCity XSS Vulnerability
CVE-2024-31137
JetbrainsTeamcity6.1MEDIUM
2FA Bypass Vulnerability in JetBrains TeamCity Before 2024.03
CVE-2024-31136
JetbrainsTeamcity7.4HIGH
TeamCity Login Page Vulnerable to Open Redirect
CVE-2024-31135
JetbrainsTeamcity6.1MEDIUM
Unrestricted User Registration Vulnerability in JetBrains TeamCity Before 2024.03
CVE-2024-31134
JetbrainsTeamcity6.5MEDIUM
March 21
Agent Permissions Vulnerability Affects TeamCity Users
CVE-2024-29880
JetbrainsTeamcity4.2MEDIUM
March 7
Workflow Attachment/Detachment Vulnerability in YouTrack Before 2024.1.25893
CVE-2024-28230
JetbrainsYoutrack6.5MEDIUM
Security Vulnerability in YouTrack Allows Unauthorized Issue Restoration
CVE-2024-28229
JetbrainsYoutrack6.5MEDIUM
Arbitrary User Comments on Behalf of Others Allowed in YouTrack Before 2024.1.25893
CVE-2024-28228
JetbrainsYoutrack5.3MEDIUM
March 6
Improper Authorization of Presigned URL Generation Requests in S3 Artifact Storage Plugin
CVE-2024-28174
JetbrainsTeamcity5.8MEDIUM
Custom Build Parameters of Password Type Disclosed
CVE-2024-28173
JetbrainsTeamcity4.3MEDIUM
March 4
Path Traversal Vulnerability in TeamCity Allows Limited Admin Actions
CVE-2024-27199
JetbrainsTeamcity7.3HIGH
Authentication Bypass in JetBrains TeamCity Allows Admin Actions
CVE-2024-27198
JetbrainsTeamcity🔥😄👾9.8CRITICAL
February 6
Toolbox App vulnerable to DoS attack via malicious SVG image
CVE-2024-24943
JetBrainsToolbox App5.5MEDIUM
Authentication Bypass in TeamCity Could Lead to Remote Code Execution
CVE-2024-23917
JetbrainsTeamcity😄👾9.8CRITICAL
Path Traversal Vulnerability in TeamCity Affects JAR Archives
CVE-2024-24942
JetbrainsTeamcity5.3MEDIUM
Inappropriate Authentication Token Leak in JetBrains IntelliJ IDEA Before 2023.3.3
CVE-2024-24941
JetBrainsIntelliJ IDEA5.3MEDIUM
Path Traversal Vulnerability in IntelliJ IDEA Before 2023.3.3
CVE-2024-24940
JetBrainsIntelliJ IDEA4.3MEDIUM
Logging of Environment Variables Containing Secret Values Possible in JetBrains Rider Before 2023.3.3
CVE-2024-24939
JetBrainsRider5.3MEDIUM
Directory Traversal Vulnerability in Kotlin DSL Documentation
CVE-2024-24938
JetBrainsTeamCity5.3MEDIUM
XSS vulnerability in TeamCity agent distribution
CVE-2024-24937
JetBrainsTeamCity5.4MEDIUM
Access Control Oversight in TeamCity Artifact Storage Plugin
CVE-2024-24936
JetBrainsTeamCity5.3MEDIUM
January 9
CVE-2024-22370
JetBrainsYouTrack4.6MEDIUM
December 21
CVE-2023-51655
JetBrainsIntelliJ IDEA6.3MEDIUM
December 15
CVE-2023-50871
JetBrainsYouTrack4.3MEDIUM
CVE-2023-50870
JetBrainsTeamCity4.3MEDIUM
October 9
CVE-2023-45613
JetBrainsKtor9.1CRITICAL
CVE-2023-45612
JetBrainsKtor9.8CRITICAL
September 19
Authentication Bypass Leads to Remote Code Execution in JetBrains TeamCity Before 2023.05.4
CVE-2023-42793
JetBrainsTeamCity👾9.8CRITICAL
CVE-2023-43566
JetBrainsTeamCity5.4MEDIUM
August 25
CVE-2023-41249
JetBrainsTeamCity6.1MEDIUM
CVE-2023-41248
JetBrainsTeamCity5.4MEDIUM
CVE-2023-41250
JetBrainsTeamCity6.1MEDIUM
July 26
CVE-2023-39261
JetBrainsIntelliJ IDEA7.8HIGH
July 25
CVE-2023-39174
JetBrainsTeamCity7.5HIGH
CVE-2023-39173
JetBrainsTeamCity8.8HIGH
CVE-2023-39175
JetBrainsTeamCity6.1MEDIUM
July 12
CVE-2023-38068
JetBrainsYouTrack7.3HIGH
CVE-2023-38065
JetBrainsTeamCity5.4MEDIUM
CVE-2023-38069
JetBrainsIntelliJ IDEA3.3LOW
CVE-2023-38064
JetBrainsTeamCity6.5MEDIUM
CVE-2023-38061
JetBrainsTeamCity5.4MEDIUM
CVE-2023-38066
JetBrainsTeamCity6.1MEDIUM
CVE-2023-38067
JetBrainsTeamCity6.5MEDIUM
CVE-2023-38062
JetBrainsTeamCity6.5MEDIUM
CVE-2023-38063
JetBrainsTeamCity5.4MEDIUM
June 29
CVE-2015-1313
JetbrainsTeamcity6.5MEDIUM
June 12
CVE-2023-35054
JetBrainsYouTrack5.4MEDIUM
CVE-2023-35053
JetBrainsYouTrack7.5HIGH
June 1
CVE-2023-34339
JetBrainsKtor3.3LOW
May 31
CVE-2023-34219
JetBrainsTeamCity4.3MEDIUM
CVE-2023-34224
JetBrainsTeamCity4.8MEDIUM
CVE-2023-34226
JetBrainsTeamCity6.1MEDIUM
CVE-2023-34228
JetBrainsTeamCity6.5MEDIUM
CVE-2023-34222
JetBrainsTeamCity6.1MEDIUM
CVE-2023-34225
JetBrainsTeamCity5.4MEDIUM
CVE-2023-34220
JetBrainsTeamCity5.4MEDIUM