JetBrains IntelliJ integrated development environment (IDE) apps are vulnerable to a critical security flaw tracked as CVE-2024-37051. The vulnerability may allow attackers to disclose GitHub access tokens to third-party sites. The vulnerability exists in the JetBrains IntelliJ-based IDEs that have the JetBrains GitHub plugin enabled and configured/in-use.
Tag: Jetbrains
JetBrains TeamCity On-Premises Authentication Bypass vulnerability (CVE-2024-23917)
JetBrains has released a patch to address a critical flaw tracked as CVE-2024-23917. The vulnerability in TeamCity On-Premises may allow an attacker to gain admin privileges on successful exploitation.
JetBrains TeamCity Authentication Bypass Vulnerability (CVE-2023-42793)
JetBrains TeamCity, a popular integration and deployment tool, is vulnerable to an authentication bypass flaw. CVE-2023-42793 affects on-premise instances of the TeamCity CI/CD servers. Successful exploitation of the vulnerability may lead to remote code execution. The vulnerability has been given a critical severity rating with a CVSS score of 9.8.
