Blog
For the last several years, we have published the JetBrains Security Bulletin on our blog and sent emails to Bulletin subscribers quarterly. However, this approach created an unwanted delay between the release of new versions and the publication of information about vulnerabilities. We also receive a lot of questions about vulnerable product versions from our customers.
On March 29, 2022, we became aware of the Remote Code Execution vulnerabilities CVE-2022-22963 and CVE-2022-22965 in several libraries of the Spring Framework, which is commonly used in web applications.
In the fourth quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
On December 27, 2021, we became aware of a security issue that exposes certain JetBrains Remote Development backend IDEs to the networks the server is connected to. This was a result of misconfiguration on our side. The following IDEs were affected: IntelliJ IDEA 2021.3.1 Preview (213.6461.21) and IntelliJ IDEA 2021.3.1 RC (213.6461.48)PyCharm Professional 2021.3.1 RC (213.6461.6)GoLand 2021.3.1 (213.6461.23)PhpStorm 2021.3.1 Preview (213.6461.28) and PhpStorm 2021.3.1 RC (213.6461.58)RubyMine 2021.3.1 Preview (213.6461.24) and RubyMine 2021.3.1 RC (213.6461.46)CLion 2021.3.1 (213.6461.4
What happened Similar to the rest of the industry, we became aware on the 10th of December 2021 of the Remote Code Execution vulnerability CVE-2021-44228 in the popular Java logging library log4j (all versions between 2.0 and 2.14.1 are vulnerable). We immediately took action to mitigate any potential impacts on our applications and systems. We'd like to provide you with an update. Actions we've taken We have run an audit of the applications that use log4j and have upgraded to 2.15.0 where necessary. Following is the list of already audited products and their status: All IntelliJ
In the third quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
In the second quarter of 2021, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
In the fourth quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved.
In the fourth quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
In the second quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved.
In the first quarter of 2020, we resolved a number of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
In the fourth quarter of 2019, we resolved a series of security issues in our products. Here's a summary report that contains a description of each issue and the version in which it was resolved. (more…)
By submitting this form, I agree that JetBrains s.r.o. ("JetBrains") may use my name, email address, and location data to send me newsletters, including commercial communications, and to process my personal data for this purpose. I agree that JetBrains may process said data using third-party services for this purpose in accordance with the JetBrains Privacy Policy. I understand that I can revoke this consent at any time in my profile. In addition, an unsubscribe link is included in each email.
Thanks, we've got you!
