Jetbrains : Security Vulnerabilities, CVEs, (Bypass) CVSS score >= 5
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
Max CVSS
8.8
EPSS Score
0.17%
Published
2022-12-08
Updated
2022-12-12
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
Max CVSS
5.3
EPSS Score
0.06%
Published
2022-11-03
Updated
2022-11-04
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases
Max CVSS
6.5
EPSS Score
0.16%
Published
2022-08-12
Updated
2022-08-16
In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-07-01
Updated
2022-07-11
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
Max CVSS
9.8
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-08
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
Max CVSS
9.8
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-04
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
Max CVSS
7.5
EPSS Score
0.07%
Published
2021-11-09
Updated
2021-11-10
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
Max CVSS
7.5
EPSS Score
0.07%
Published
2021-08-06
Updated
2021-08-12
In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
Max CVSS
9.8
EPSS Score
0.31%
Published
2020-04-22
Updated
2020-04-29
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3.
Max CVSS
5.3
EPSS Score
0.08%
Published
2019-07-03
Updated
2020-08-24
11 vulnerabilities found