CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2024-23917
https://notcve.org/view.php?id=CVE-2024-23917
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible En JetBrains TeamCity antes de 2023.11.3 era posible omitir la autenticación que conducía a RCE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24942
https://notcve.org/view.php?id=CVE-2024-24942
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives En JetBrains TeamCity antes de 2023.11.3, el path traversal permitía leer datos dentro de archivos JAR • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24941
https://notcve.org/view.php?id=CVE-2024-24941
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL En JetBrains IntelliJ IDEA anterior a 2023.3.3, un complemento para JetBrains Space podía enviar un token de autenticación a una URL inapropiada • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24940
https://notcve.org/view.php?id=CVE-2024-24940
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives En JetBrains IntelliJ IDEA antes de 2023.3.3, era posible un path traversal al descomprimir archivos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24939
https://notcve.org/view.php?id=CVE-2024-24939
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible En JetBrains Rider antes de 2023.3.3 era posible el registro de variables de entorno que contenían valores secretos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •