YouTrack Before 2024.3.52635 Vulnerable to ReDoS Due to Ruby Syntax Detector Flaw

CVE-2024-54157

Currently unrated

Key Information:

Vendor: JetBrains
Vendor: CVE Published:; 4 December 2024

Summary

In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp in Ruby syntax detector

References

https://www.jetbrains.com/privacy-security/issues-fixed/

Timeline

Vulnerability published
Dec 4, 2024

Collectors

NVD Database

.