CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44623
https://notcve.org/view.php?id=CVE-2022-44623
In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings En la versión JetBrains TeamCity anterior a 2022.10, Project Viewer podía ver valores seguros codificados en la configuración de MetaRunner. • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40979
https://notcve.org/view.php?id=CVE-2022-40979
In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable En JetBrains TeamCity versiones anteriores a 2022.04.4, las variables de entorno de tipo "password" podían registrarse cuando era usado un ejecutable Perforce personalizado • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40978
https://notcve.org/view.php?id=CVE-2022-40978
The installer of JetBrains IntelliJ IDEA before 2022.2.2 was vulnerable to EXE search order hijacking El instalador de JetBrains IntelliJ IDEA versiones anteriores a 2022.2.2, era vulnerable a un secuestro del orden de búsqueda del EXE • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-427: Uncontrolled Search Path Element •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38180
https://notcve.org/view.php?id=CVE-2022-38180
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases En JetBrains Ktor versiones anteriores a 2.1.0, podía seleccionarse un proveedor de autenticación erróneo en algunos casos • https://github.com/ktorio/ktor/pull/3092 https://www.jetbrains.com/privacy-security/issues-fixed • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38179
https://notcve.org/view.php?id=CVE-2022-38179
JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack JetBrains Ktor versiones anteriores a 2.1.0, era vulnerable a un ataque de Descarga de Archivos Reflejado. • https://github.com/ktorio/ktor/pull/3110 https://www.jetbrains.com/privacy-security/issues-fixed • CWE-184: Incomplete List of Disallowed Inputs CWE-697: Incorrect Comparison •