Security

A new security issue was discovered that affects the JetBrains GitHub plugin on the IntelliJ platform, which could lead to disclosure of access tokens to third-party sites. The issue affects all IntelliJ-based IDEs as of 2023.1 onwards that have the JetBrains GitHub plugin enabled and configured/in-use. 

Introduction This blog post follows up on the recent TeamCity On-Premises security vulnerabilities notification and the subsequent post that described our timeline for addressing those vulnerabilities. At JetBrains, we adhere to a carefully balanced approach to vulnerability disclosure. We fol…

This is a follow-up to the vulnerability announcement we published on March 4, 2024. It’s important that we properly communicate the timeline for fixing the CVE-2024-27198 and CVE-2024-27199 vulnerabilities from JetBrains’ side. All times below are expressed in CET. February 19 6:54 pm –…

SOC 2 (Service Organization Control II) is a comprehensive audit framework developed by the American Institute of CPAs (AICPA). This framework assesses the controls a service organization has in place in terms of security, availability, processing integrity, confidentiality, and privacy. A SOC 2 Type II report evaluates the design and suitability of these controls. This means an external auditor has looked at our systems and processes and confirmed that they are designed in accordance with the SOC2 requirements.