CVSS: 9.3EPSS: 1%CPEs: 44EXPL: 2CVE-2024-37051
https://notcve.org/view.php?id=CVE-2024-37051
10 Jun 2024 — GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2... • https://github.com/LeadroyaL/CVE-2024-37051-EXP • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29821
https://notcve.org/view.php?id=CVE-2022-29821
28 Apr 2022 — In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible En JetBrains Rider versiones anteriores a 2022.1 era posible una ejecución de código local por medio de enlaces en ReSharper Quick Documentation • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29820
https://notcve.org/view.php?id=CVE-2022-29820
28 Apr 2022 — In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible En JetBrains PyCharm versiones anteriores a 2022.1 era posible una exposición del puerto del depurador a la red interna • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-668: Exposure of Resource to Wrong Sphere CWE-1327: Binding to an Unrestricted IP Address •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2021-45977
https://notcve.org/view.php?id=CVE-2021-45977
25 Feb 2022 — JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC (used as Remote Development backend IDEs) bind to the 0.0.0.0 IP address. The fixed versions are: IntelliJ IDEA 2021.3.1, PyCharm Professional 2021.3.1, GoLand 2021.3.2, PhpStorm 2021.3.1 (213.6461.83), RubyMine 2021.3.1, CLio... • https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-30005 – Gentoo Linux Security Advisory 202107-45
https://notcve.org/view.php?id=CVE-2021-30005
11 May 2021 — In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS. En JetBrains PyCharm versiones anteriores a 2020.3.4, una ejecución de código local fue posible debido a comprobaciones insuficientes cuando se obtiene el proyecto desde VCS A vulnerability has been found in PyCharm Community and Professional, potentially resulting in arbitrary code execution. Versions less than 2021.1.2 are affected. • https://github.com/atorralba/CVE-2021-30005-POC • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-11694
https://notcve.org/view.php?id=CVE-2020-11694
10 Apr 2020 — In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included. This is fixed in 2019.2.6 and 2019.3.3. En JetBrains PyCharm versiones 2019.2.5 y 2019.3 en Windows, fueron incluidas credenciales de Apple Notarization Service. Esto se corrigió en las versiones 2019.2.6 y 2019.3.3. • https://blog.jetbrains.com/blog/2020/04/22/jetbrains-security-bulletin-q1-2020 • CWE-312: Cleartext Storage of Sensitive Information CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14958
https://notcve.org/view.php?id=CVE-2019-14958
02 Oct 2019 — JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation. JetBrains PyCharm versiones anteriores a 2019.2, estaba asignando un búfer de tamaño desconocido para uno de los procesos de conexión. En una situación muy específica, podría causar una invocación remota de un mensaje de error OOM debido a la asignación de memoria no c... • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-770: Allocation of Resources Without Limits or Throttling •