The JetBrains Blog

Blog

Skip to content
  • Blogs by Topic
  • Search
Burger menu icon
    • IDEs

      • AppCode
      • CLion
      • DataGrip
      • DataSpell
      • Fleet
      • GoLand
      • IntelliJ IDEA
      • PhpStorm
      • PyCharm
      • Rider
      • RubyMine
      • WebStorm
    • Plugins & Services

      • Big Data Tools
      • Code With Me
      • Quality Assurance
      • JetBrains Platform
      • Rust
      • Scala
      • Toolbox App
      • Writerside
    • Team Tools

      • Datalore
      • Space
      • TeamCity
      • Upsource
      • YouTrack
      • Hub
      • Qodana
    • .NET & Visual Studio

      • .NET Tools
      • ReSharper C++
    • Languages & Frameworks

      • Kotlin
      • Ktor
      • MPS
    • Education & Research

      • Edu Products
      • Research
    • Company

      • Company Blog
      • Security
Security logo

The JetBrains Security Blog

  • All
  • security bulletin

Security Bulletin Changes

For the last several years, we have published the JetBrains Security Bulletin on our blog and sent emails to Bulletin subscribers quarterly. However, this approach created an unwanted delay between the release of new versions and the publication of information about vulnerabilities. We also receive a lot of questions about vulnerable product versions from our customers.

Ilya Pleskunin Ilya Pleskunin

SpringShell Vulnerability in JetBrains Products and Services

On March 29, 2022, we became aware of the Remote Code Execution vulnerabilities CVE-2022-22963 and CVE-2022-22965 in several libraries of the Spring Framework, which is commonly used in web applications.

Ilya Pleskunin Ilya Pleskunin
JetBrains Security Bulletin

JetBrains Security Bulletin Q4 2021

In the fourth quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer

Important Security Update for JetBrains Gateway

On December 27, 2021, we became aware of a security issue that exposes certain JetBrains Remote Development backend IDEs to the networks the server is connected to. This was a result of misconfiguration on our side. The following IDEs were affected: IntelliJ IDEA 2021.3.1 Preview (213.6461.21) and IntelliJ IDEA 2021.3.1 RC (213.6461.48)PyCharm Professional 2021.3.1 RC (213.6461.6)GoLand 2021.3.1 (213.6461.23)PhpStorm 2021.3.1 Preview (213.6461.28) and PhpStorm 2021.3.1 RC (213.6461.58)RubyMine 2021.3.1 Preview (213.6461.24) and RubyMine 2021.3.1 RC (213.6461.46)CLion 2021.3.1 (213.6461.4

Hadi Hariri Hadi Hariri

Log4j vulnerability and JetBrains Products and Services

What happened Similar to the rest of the industry, we became aware on the 10th of December 2021 of the Remote Code Execution vulnerability CVE-2021-44228 in the popular Java logging library log4j (all versions between 2.0 and 2.14.1 are vulnerable). We immediately took action to mitigate any potential impacts on our applications and systems. We'd like to provide you with an update. Actions we've taken We have run an audit of the applications that use log4j and have upgraded to 2.15.0 where necessary. Following is the list of already audited products and their status: All IntelliJ

Hadi Hariri Hadi Hariri
JetBrains Security Bulletin

JetBrains Security Bulletin Q3 2021

In the third quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer
JetBrains Security Bulletin

JetBrains Security Bulletin Q2 2021

In the second quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer
JetBrains Security Bulletin

JetBrains Security Bulletin Q1 2021

In the fourth quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved.

Robert Demmer Robert Demmer
JetBrains Security Bulletin

JetBrains Security Bulletin Q4 2020

In the fourth quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer
JetBrains Security Bulletin

JetBrains Security Bulletin Q2 2020

In the second quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved.

Robert Demmer Robert Demmer

JetBrains Security Bulletin Q1 2020

In the first quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer

JetBrains Security Bulletin Q4 2019

In the fourth quarter of 2019, we resolved a series of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)

Robert Demmer Robert Demmer
Load more

Subscribe to Blog updates

By submitting this form, I agree that JetBrains s.r.o. ("JetBrains") may use my name, email address, and location data to send me newsletters, including commercial communications, and to process my personal data for this purpose. I agree that JetBrains may process said data using third-party services for this purpose in accordance with the JetBrains Privacy Policy. I understand that I can revoke this consent at any time in my profile. In addition, an unsubscribe link is included in each email.

Thanks, we've got you!

  • Privacy & Security
  • Terms of Use
  • Legal
  • Genuine tools
  • Twitter
  • Facebook
  • Linkedin
  • Instagram
  • Youtube
  • RSS
Copyright © 2000–2022 JetBrains s.r.o.