40 matches found
EUVD-2025-84340
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...
CVE-2025-64773
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit...
CVE-2025-64686
In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context...
CVE-2025-64684
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form...
PT-2025-46348
Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2025.3.104432 Description A race condition existed that permitted circumvention of the helpdesk agent limit. Recommendations Update to version 2025.3.104432 or later...
JetBrains YouTrack 竞争条件问题漏洞
JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A vulnerability in JetBrains YouTrack prior to version 2025.3.104432 exists due to a...
EUVD-2025-44047
In JetBrains YouTrack before 2025.3.104432 insecure Junie configuration could lead to data exposure and unauthorized changes...
EUVD-2025-44053
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form...
EUVD-2025-44054
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API...
EUVD-2025-44051
In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of incorrect authorization context...
EUVD-2025-44050
In JetBrains YouTrack before 2025.3.104432 improper access control allowed modify MCP tool logic...
CVE-2025-64686
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions...
CVE-2025-64682
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit...
CVE-2025-64684
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form...
CVE-2025-64684
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form...
CVE-2025-64687
...
CVE-2025-64687
...
CVE-2025-64686
JetBrains YouTrack prior to 2025.3.104432 is affected by CVE-2025-64686 due to missing user-principal cleanup, which can lead to reuse of an incorrect authorization context. The issue is addressed by upgrading to version 2025.3.104432 or later (mitigation).
CVE-2025-64686
...
CVE-2025-64685
JetBrains YouTrack before 2025.3.104432 is affected by CVE-2025-64685 due to missing TLS certificate validation, enabling data disclosure over the network. The issue is documented across multiple sources (NVD/NASL reads), with remediation to upgrade to YouTrack 2025.3.104432 or later. If details ...