In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-09
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL
Max CVSS
6.1
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-07
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
Max CVSS
5.4
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-06
Updated
2024-02-09
In JetBrains YouTrack before 2023.3.22666 stored XSS via markdown was possible
Max CVSS
5.4
EPSS Score
0.05%
Published
2024-01-09
Updated
2024-01-12
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration
Max CVSS
9.8
EPSS Score
0.13%
Published
2023-12-21
Updated
2023-12-29
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed
Max CVSS
4.3
EPSS Score
0.05%
Published
2023-12-15
Updated
2023-12-19
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-12-15
Updated
2023-12-19
In JetBrains Ktor before 2.3.5 server certificates were not verified
Max CVSS
9.1
EPSS Score
0.06%
Published
2023-10-09
Updated
2023-10-12
In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-10-09
Updated
2023-10-12
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
Max CVSS
5.4
EPSS Score
0.05%
Published
2023-09-19
Updated
2023-09-21

CVE-2023-42793

Known exploited
Public exploit
Used for ransomware
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
Max CVSS
9.8
EPSS Score
97.35%
Published
2023-09-19
Updated
2023-10-03
CISA KEV Added
2023-10-04
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
Max CVSS
6.1
EPSS Score
0.05%
Published
2023-08-25
Updated
2023-08-28
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
Max CVSS
6.1
EPSS Score
0.05%
Published
2023-08-25
Updated
2023-08-28
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration
Max CVSS
5.4
EPSS Score
0.05%
Published
2023-08-25
Updated
2023-08-28
In JetBrains IntelliJ IDEA before 2023.2 plugin for Space was requesting excessive permissions
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-07-26
Updated
2023-08-02
In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible
Max CVSS
6.1
EPSS Score
0.05%
Published
2023-07-25
Updated
2023-08-01
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-07-25
Updated
2023-08-01
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-07-25
Updated
2023-08-01
In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases
Max CVSS
3.3
EPSS Score
0.04%
Published
2023-07-12
Updated
2023-07-20
109 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!