NVD - Results

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( Dot gov ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): jetbrains
Search Type: Search All

There are 269 matching records.

Displaying matches 1 through 20.

Vuln ID	Summary	CVSS Severity
CVE-2022-29930	SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1. Published: May 12, 2022; 5:15:14 AM -0400	V3.1: 4.9 MEDIUM V2.0: 4.0 MEDIUM
CVE-2022-29929	In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible Published: May 12, 2022; 5:15:14 AM -0400	V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2022-29928	In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible Published: May 12, 2022; 5:15:14 AM -0400	V3.1: 4.9 MEDIUM V2.0: 4.0 MEDIUM
CVE-2022-29927	In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible Published: May 12, 2022; 5:15:14 AM -0400	V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2022-29821	In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 7.7 HIGH V2.0: 4.4 MEDIUM
CVE-2022-29820	In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 3.5 LOW V2.0: 3.3 LOW
CVE-2022-29819	In JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 7.7 HIGH V2.0: 4.4 MEDIUM
CVE-2022-29818	In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 7.1 HIGH V2.0: 3.6 LOW
CVE-2022-29817	In JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2022-29816	In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 3.3 LOW V2.0: 2.1 LOW
CVE-2022-29815	In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM
CVE-2022-29814	In JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 7.7 HIGH V2.0: 4.4 MEDIUM
CVE-2022-29813	In JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM
CVE-2022-29812	In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient Published: April 28, 2022; 6:15:08 AM -0400	V3.1: 2.3 LOW V2.0: 2.1 LOW
CVE-2022-29811	In JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible. Published: April 28, 2022; 6:15:07 AM -0400	V3.1: 4.8 MEDIUM V2.0: 3.5 LOW
CVE-2022-29035	In JetBrains Ktor Native before version 2.0.0 random values used for nonce generation weren't using SecureRandom implementations Published: April 11, 2022; 3:15:08 PM -0400	V3.1: 2.7 LOW V2.0: 4.0 MEDIUM
CVE-2022-28651	In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields Published: April 05, 2022; 2:15:08 PM -0400	V3.1: 5.5 MEDIUM V2.0: 2.1 LOW
CVE-2022-28650	In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI Published: April 05, 2022; 2:15:08 PM -0400	V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2022-28649	In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description Published: April 05, 2022; 2:15:08 PM -0400	V3.1: 5.4 MEDIUM V2.0: 3.5 LOW
CVE-2022-28648	In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered Published: April 05, 2022; 2:15:07 PM -0400	V3.1: 5.4 MEDIUM V2.0: 3.5 LOW