JetBrains Security Bulletin Q3 2020
In the third quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
| Product | Description | Severity | Resolved in | CVE/CWE |
|---|---|---|---|---|
| IdeaVim | In limited circumstances, IdeaVim might have caused an information leak. (VIM-2019) | High | 58 | CVE-2020-27623 |
| IntelliJ IDEA | The built-in web server could expose information about the IDE version. (IDEA-240567) | Low | 2020.2 | CVE-2020-27622 |
| JetBrains Account | Improper rate limiting. Reported by Ashhad Ali. (JPF-11026) | Low | 2020.09 | CWE-799 |
| JetBrains Account | A password reset token might be disclosed to a third party. Reported by Sheikh Rishad. (JPF-11034) | Low | 2020.10 | CWE-201 |
| JetBrains Marketplace | Blind SSRF. Reported by Yurii Sanin. (MP-3119) | High | Not applicable | CWE-918 |
| JetBrains Website | Reflected XSS. Reported by Peter af Geijerstam. (JS-13032) | Medium | Not applicable | CWE-79 |
| JetBrains Website | HTML injection was possible on several pages. (JS-13041) | Medium | Not applicable | CWE-79 |
| JetBrains Website | Clickjacking was possible on several pages. (JS-13042) | Low | Not applicable | CWE-1021 |
| JetBrains Website | SSRF on the website. Reported by Mohamed Lahraoui. (SDP-1174) | Low | Not applicable | CWE-918 |
| Ktor | HTTP request smuggling was possible. Reported by ZeddYu Lu and Kaiwen Shen. (KTOR-841) | Medium | 1.4.1 | CVE-2020-26129 |
| Space | Unauthorized access to environment variables containing private data. (SPACE-10723) | Medium | Not applicable | CWE-532 |
| TeamCity | URL injection was possible. (TW-44171) | Low | 2020.1.2 | CVE-2020-27627 |
| TeamCity | The guest user had access to audit records. (TW-67750) | Medium | 2020.1.5 | CVE-2020-27628 |
| TeamCity | Secure dependency parameters could fail to be masked in dependent builds when there were no internal artifacts. (TW-67775) | High | 2020.1.5 | CVE-2020-27629 |
| Toolbox App | Limited RCE via the JetBrains protocol handler. Reported by Jeffrey van Gogh and Yuriy Solodkyy. (SDP-1177) | Low | 1.18 | CVE-2020-25207 |
| Toolbox App | Denial of service via the JetBrains protocol handler. (TBX-5281) | Low | 1.18.7455 | CVE-2020-25013 |
| YouTrack | Blind SSRF. Reported by Yurii Sanin. (JT-58015) | Low | 2020.3.888 | CVE-2020-27624 |
| YouTrack | Notifications might have mentioned inaccessible issues. (JT-58329) | Low | 2020.3.888 | CVE-2020-27625 |
| YouTrack | SSRF in YouTrack InCloud. Reported by Yurii Sanin. (JT-58962) | Medium | 2020.3.5333 | CVE-2020-27626 |
| YouTrack | Improper access control allowed retrieving an issue description without appropriate access. Reported by Yurii Sanin. (JT-59015) | Critical | 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.3.65516, 2019.2.65515, 2019.1.65514 | CVE-2020-24618 |
| YouTrack | Improper access control for some subresources could lead to information disclosure. Reported by Yurii Sanin. (JT-59130) | Medium | 2020.3.6638 | CVE-2020-25209 |
| YouTrack | An attacker could access workflow rules without appropriate access being granted. (JT-59474) | High | 2020.3.7955 | CVE-2020-25210 |
| YouTrack Mobile | Information disclosure via application backups. Reported by Cristi Vlad. (YTM-5518) | Low | 2020.2.0 | CVE-2020-24366 |
If you need any further assistance, please contact our Security Team.
Your JetBrains Team