JetBrains Security Bulletin Q3 2020
In the third quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.
| Product | Description | Severity | Resolved in | CVE/CWE |
| IdeaVim | In limited circumstances, IdeaVim might have caused an information leak. (VIM-2019) | High | 58 | CVE-2020-27623 |
| IntelliJ IDEA | Built-in web server could expose information about IDE version. (IDEA-240567) | Low | 2020.2 | CVE-2020-27622 |
| JetBrains Account | Improper rate limit. Reported by Ashhad Ali. (JPF-11026) | Low | 2020.09 | CWE-799 |
| JetBrains Account | Password reset token might be disclosed to a third party. Reported by Sheikh Rishad. (JPF-11034) | Low | 2020.10 | CWE-201 |
| JetBrains Marketplace | Blind SSRF. Reported by Yurii Sanin. (MP-3119) | High | Not applicable | CWE-918 |
| JetBrains Website | Reflected XSS. Reported by Peter af Geijerstam. (JS-13032) | Medium | Not applicable | CWE-79 |
| JetBrains Website | HTML injection was possible on several pages. (JS-13041) | Medium | Not applicable | CWE-79 |
| JetBrains Website | Clickjacking was possible on several pages. (JS-13042) | Low | Not applicable | CWE-1021 |
| JetBrains Website | SSRF on the website. Reported by Mohamed Lahraoui. (SDP-1174) | Low | Not applicable | CWE-918 |
| Ktor | HTTP request smuggling was possible. Reported by ZeddYu Lu and Kaiwen Shen. (KTOR-841) | Medium | 1.4.1 | CVE-2020-26129 |
| Space | Unauthorized access to environment variables containing private data. (SPACE-10723) | Medium | Not applicable | CWE-532 |
| TeamCity | URL injection was possible. (TW-44171 | Low | 2020.1.2 | CVE-2020-27627 |
| TeamCity | Guest user had access to audit records. (TW-67750) | Medium | 2020.1.5 | CVE-2020-27628 |
| TeamCity | Secure dependency parameters could be not masked in depending builds when there are no internal artifacts. (TW-67775) | High | 2020.1.5 | CVE-2020-27629 |
| Toolbox App | Limited RCE via JetBrains protocol handler. Reported by Jeffrey van Gogh and Yuriy Solodkyy. (SDP-1177) | Low | 1.18 | CVE-2020-25207 |
| Toolbox App | Denial of service via JetBrains protocol handler. (TBX-5281) | Low | 1.18.7455 | CVE-2020-25013 |
| YouTrack | Blind SSRF. Reported by Yurii Sanin. (JT-58015) | Low | 2020.3.888 | CVE-2020-27624 |
| YouTrack | Notifications might have mentioned inaccessible issues. (JT-58329) | Low | 2020.3.888 | CVE-2020-27625 |
| YouTrack | SSRF in YouTrack InCloud. Reported by Yurii Sanin. (JT-58962) | Medium | 2020.3.5333 | CVE-2020-27626 |
| YouTrack | Improper access control allowed retrieving issue description without appropriate access. Reported by Yurii Sanin. (JT-59015) | Critical | 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.3.65516, 2019.2.65515, 2019.1.65514 | CVE-2020-24618 |
| YouTrack | Improper access control for some subresources could lead to information disclosure. Reported by Yurii Sanin. (JT-59130) | Medium | 2020.3.6638 | CVE-2020-25209 |
| YouTrack | An attacker could access workflow rules without appropriate access granted (JT-59474) | High | 2020.3.7955 | CVE-2020-25210 |
| YouTrack Mobile | Information disclosure via application backups. Reported by Cristi Vlad. (YTM-5518) | Low | 2020.2.0 | CVE-2020-24366 |
If you need any further assistance, please contact our Security Team.
Subscribe to receive the bulletin in your mailbox.
Your JetBrains Team
The Drive to Develop
Prev post New AppCode 2020.3 EAP: XCFrameworks Support, Xcode 12 Support Improvements, and MorePyCharm 2020.3.2 Supports Apple Silicon Next post
