Search
Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24442 | 1 Jetbrains | 1 Youtrack | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| JetBrains YouTrack before 2021.4.40426 was vulnerable to SSTI (Server-Side Template Injection) via FreeMarker templates. | |||||
| CVE-2021-43185 | 1 Jetbrains | 1 Youtrack | 2021-11-12 | 7.5 HIGH | 9.8 CRITICAL |
| JetBrains YouTrack before 2021.3.23639 is vulnerable to Host header injection. | |||||
| CVE-2021-37549 | 1 Jetbrains | 1 Youtrack | 2021-08-12 | 6.4 MEDIUM | 9.1 CRITICAL |
| In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient. | |||||
| CVE-2021-25770 | 1 Jetbrains | 1 Youtrack | 2021-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution. | |||||
| CVE-2019-12867 | 1 Jetbrains | 1 Youtrack | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Certain actions could cause privilege escalation for issue attachments in JetBrains YouTrack. The issue was fixed in 2018.4.49168. | |||||
| CVE-2019-12866 | 1 Jetbrains | 1 Youtrack | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An Insecure Direct Object Reference, with Authorization Bypass through a User-Controlled Key, was possible in JetBrains YouTrack. The issue was fixed in 2018.4.49168. | |||||
| CVE-2019-12852 | 1 Jetbrains | 1 Youtrack | 2019-07-10 | 7.5 HIGH | 9.8 CRITICAL |
| An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in JetBrains YouTrack 2018.4.49168. | |||||
| CVE-2019-12850 | 1 Jetbrains | 1 Youtrack | 2019-07-10 | 7.5 HIGH | 9.8 CRITICAL |
| A query injection was possible in JetBrains YouTrack. The issue was fixed in YouTrack 2018.4.49168. | |||||