CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-37544
https://notcve.org/view.php?id=CVE-2021-37544
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. En JetBrains TeamCity versiones anteriores a 2020.2.4, había una deserialización no segura • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37542
https://notcve.org/view.php?id=CVE-2021-37542
In JetBrains TeamCity before 2020.2.3, XSS was possible. En JetBrains TeamCity versiones anteriores a 2020.2.3, era posible una ejecución de un ataque de tipo XSS • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37543
https://notcve.org/view.php?id=CVE-2021-37543
In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects. En JetBrains RubyMine versiones anteriores a 2021.1.1, era posible una ejecución de código sin la confirmación del usuario para proyectos no confiables • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37541
https://notcve.org/view.php?id=CVE-2021-37541
In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible. En JetBrains Hub versiones anteriores a 2021.1.13402, era posible una inyección HTML en el correo electrónico de restablecimiento de contraseña • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-640: Weak Password Recovery Mechanism for Forgotten Password •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-37540
https://notcve.org/view.php?id=CVE-2021-37540
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used. En JetBrains Hub versiones anteriores a 2021.1.13262, era usado un CSP potencialmente insuficiente para la función de despliegue de widgets • https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021 •