CVE-2020-15819
https://notcve.org/view.php?id=CVE-2020-15819
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. JetBrains YouTrack versiones anteriores a 2020.2.10643, era vulnerable a un ataque de tipo SSRF que permitía escanear puertos internos • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2020-15817
https://notcve.org/view.php?id=CVE-2020-15817
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues. En JetBrains YouTrack versiones anteriores a 2020.1.1331, un usuario externo podía ejecutar comandos frente a problemas arbitrarios • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 •
CVE-2020-15818
https://notcve.org/view.php?id=CVE-2020-15818
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence. En JetBrains YouTrack versiones anteriores a 2020.2.8527, el flujo de trabajo de las subtareas podría revelar la existencia de un problema • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2020/08/06/jetbrains-security-bulletin-q2-2020 •
CVE-2020-11693
https://notcve.org/view.php?id=CVE-2020-11693
JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. JetBrains YouTrack versiones anteriores a la versión 2020.1.659, era vulnerable a una DoS que podría ser causado al adjuntar un archivo TIFF malformado a un problema. • https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020 •
CVE-2020-11692
https://notcve.org/view.php?id=CVE-2020-11692
In JetBrains YouTrack before 2020.1.659, DB export was accessible to read-only administrators. En JetBrains YouTrack versiones anteriores a la versión 2020.1.659, una exportación de DB era accesible a unos administradores de solo lectura. • https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020 • CWE-276: Incorrect Default Permissions •