CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24941
https://notcve.org/view.php?id=CVE-2024-24941
In JetBrains IntelliJ IDEA before 2023.3.3 a plugin for JetBrains Space was able to send an authentication token to an inappropriate URL En JetBrains IntelliJ IDEA anterior a 2023.3.3, un complemento para JetBrains Space podía enviar un token de autenticación a una URL inapropiada • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24940
https://notcve.org/view.php?id=CVE-2024-24940
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives En JetBrains IntelliJ IDEA antes de 2023.3.3, era posible un path traversal al descomprimir archivos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24939
https://notcve.org/view.php?id=CVE-2024-24939
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible En JetBrains Rider antes de 2023.3.3 era posible el registro de variables de entorno que contenían valores secretos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24938
https://notcve.org/view.php?id=CVE-2024-24938
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation En JetBrains TeamCity antes de 2023.11.2, era posible un directory traversal limitado en la documentación de Kotlin DSL • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24937
https://notcve.org/view.php?id=CVE-2024-24937
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible En JetBrains TeamCity antes de 2023.11.2 era posible un XSS almacenado, a través de la distribución de agentes • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •