All JetBrains clients should update their products

Multiple vulnerabilities has been patched in Jetbrains products.

Monday, November 16, 2020, 3:51 GMT

In the third quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.

ProductDescriptionSeverityResolved inCVE/CWE
IdeaVimIn limited circumstances, IdeaVim might have caused an information leak. (VIM-2019)High58CVE-2020-27623
IntelliJ IDEABuilt-in web server could expose information about IDE version. (IDEA-240567)Low2020.2CVE-2020-27622
JetBrains AccountImproper rate limit. Reported by Ashhad Ali. (JPF-11026)Low2020.09CWE-799
JetBrains AccountPassword reset token might be disclosed to a third party. Reported by Sheikh Rishad. (JPF-11034)Low2020.10CWE-201
JetBrains MarketplaceBlind SSRF. Reported by Yurii Sanin. (MP-3119)HighNot applicableCWE-918
JetBrains WebsiteReflected XSS. Reported by Peter af Geijerstam. (JS-13032)MediumNot applicableCWE-79
JetBrains WebsiteHTML injection was possible on several pages. (JS-13041)MediumNot applicableCWE-79
JetBrains WebsiteClickjacking was possible on several pages. (JS-13042)LowNot applicableCWE-1021
JetBrains WebsiteSSRF on the website. Reported by Mohamed Lahraoui. (SDP-1174)LowNot applicableCWE-918
KtorHTTP request smuggling was possible. Reported by ZeddYu Lu and Kaiwen Shen. (KTOR-841)Medium1.4.1CVE-2020-26129
SpaceUnauthorized access to environment variables containing private data. (SPACE-10723)MediumNot applicableCWE-532
TeamCityURL injection was possible. (TW-44171Low2020.1.2CVE-2020-27627
TeamCityGuest user had access to audit records. (TW-67750)Medium2020.1.5CVE-2020-27628
TeamCitySecure dependency parameters could be not masked in depending builds when there are no internal artifacts. (TW-67775)High2020.1.5CVE-2020-27629
Toolbox AppLimited RCE via JetBrains protocol handler. Reported by Jeffrey van Gogh and Yuriy Solodkyy. (SDP-1177)Low1.18CVE-2020-25207
Toolbox AppDenial of service via JetBrains protocol handler. (TBX-5281)Low1.18.7455CVE-2020-25013
YouTrackBlind SSRF. Reported by Yurii Sanin. (JT-58015)Low2020.3.888CVE-2020-27624
YouTrackNotifications might have mentioned inaccessible issues. (JT-58329)Low2020.3.888CVE-2020-27625
YouTrackSSRF in YouTrack InCloud. Reported by Yurii Sanin. (JT-58962)Medium2020.3.5333CVE-2020-27626
YouTrackImproper access control allowed retrieving issue description without appropriate access. Reported by Yurii Sanin. (JT-59015)Critical2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.3.65516, 2019.2.65515, 2019.1.65514CVE-2020-24618
YouTrackImproper access control for some subresources could lead to information disclosure. Reported by Yurii Sanin. (JT-59130)Medium2020.3.6638CVE-2020-25209
YouTrackAn attacker could access workflow rules without appropriate access granted (JT-59474)High2020.3.7955CVE-2020-25210
YouTrack MobileInformation disclosure via application backups. Reported by Cristi Vlad. (YTM-5518)Low2020.2.0CVE-2020-24366

References: