Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality (CVE-2025-61727) and denial of service (CVE-2025-61729)

Summary IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality and denial of service due to Goland module crypto/x509. This bulletin provides patch information to address the reported vulnerabilities in Goland module crypto/x509...

EUVD-2025-14813

Malicious code in bioql PyPI...

CVE-2025-29932

In JetBrains GoLand before 2025.1 an XXE during debugging was possible...

JetBrains GoLand Code Issue Vulnerability

JetBrains GoLand is a set of intelligent IDE Integrated Development Environment dedicated to Go language development from the Czech company JetBrains. A code issue vulnerability exists in JetBrains GoLand that stems from a networked system or product that does not have the correct filters set up ...

CVE-2025-29932

In JetBrains GoLand before 2025.1 an XXE during debugging was possible...

CVE-2025-29932

In JetBrains GoLand before 2025.1 an XXE during debugging was possible...

CVE-2025-29932

In JetBrains GoLand before 2025.1 an XXE during debugging was possible...

CVE-2025-29932

In JetBrains GoLand before 2025.1 an XXE during debugging was possible...

CVE-2025-29932

JetBrains GoLand prior to 2025.1 is affected by CVE-2025-29932: an XXE during debugging allows reading files via XML external entities. The vulnerability concerns the GoLand IDE (Go development) and is documented across multiple sources; no remediation details are provided in the supplied documen...

JetBrains GoLand 代码问题漏洞

JetBrains GoLand is a set of intelligent IDE Integrated Development Environment dedicated to Go language development from the Czech company JetBrains. A code issue vulnerability exists in JetBrains GoLand that stems from a networked system or product that does not have the correct filters set up ...

CVE-2024-37051

GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5,...

JetBrains Multiple IDE Security Vulnerabilities

JetBrains IntelliJ IDEA and others are products of the Czech company JetBrains.JetBrains IntelliJ IDEA is a set of integrated development environments IDEs for the Java language.JetBrains PyCharm is an integrated development environment IDE for the Python language. JetBrains PhpStorm is a softwar...

PT-2024-4040 · Jetbrains · Mps +12

Name of the Vulnerable Software and Affected Versions: JetBrains IntelliJ IDEA versions 2023.1 through 2023.1.7 JetBrains IntelliJ IDEA versions 2023.2 through 2023.2.7 JetBrains IntelliJ IDEA versions 2023.3 through 2023.3.7 JetBrains IntelliJ IDEA version 2024.1.3 JetBrains IntelliJ IDEA versio...

CVE-2021-45977

JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC used as...

CVE-2021-45977

CVE-2021-45977 affects JetBrains IDEs used as Remote Development backends where the affected products bound to the 0.0.0.0 address. The vulnerability description from connected sources notes exposure of the backend service due to binding to an all interfaces address. Fixed versions are provided: ...

CVE-2021-45977

JetBrains IntelliJ IDEA 2021.3.1 Preview, IntelliJ IDEA 2021.3.1 RC, PyCharm Professional 2021.3.1 RC, GoLand 2021.3.1, PhpStorm 2021.3.1 Preview, PhpStorm 2021.3.1 RC, RubyMine 2021.3.1 Preview, RubyMine 2021.3.1 RC, CLion 2021.3.1, WebStorm 2021.3.1 Preview, and WebStorm 2021.3.1 RC used as...

Unspecified Vulnerability in JetBrains GoLand

JetBrains GoLand is a set of intelligent IDE Integrated Development Environment dedicated to Go language development from the Czech company JetBrains. A security vulnerability exists in JetBrains GoLand versions prior to 2019.3.2, which stems from the fact that the program uses the HTTP protocol...

CVE-2020-11685

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS...

CVE-2020-11685

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS...

Design/Logic Flaw

In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS...