Lucene search
K
JetbrainsUpsource

5 matches found

CVE
CVE
added 2019/10/01 4:43 p.m.107 views

CVE-2019-14961

JetBrains Upsource prior to 2019.1.1412 is affected by a Cross‑Site Scripting (XSS) vulnerability due to insufficient escaping of code blocks (HTML tags) in code block comments. The issue is documented across multiple sources (e.g., CVE-2019-14961, JetBrains Security Bulletin Q2 2019) and is reso...

6.1CVSS6.2AI score0.00785EPSS
CVE
CVE
added 2019/10/02 6:51 p.m.73 views

CVE-2019-12157

CVE-2019-12157 affects JetBrains Upsource prior to 2018.2 build 1293, with a credential disclosure vulnerability exposed via RPC commands. The issue is reported across multiple feeds (NVD, Red Hat, CVE lists) and tied to Upsource components in the 2018.2 train; the JetBrains bulletin confirms Ups...

10CVSS9.2AI score0.01818EPSS
CVE
CVE
added 2020/08/08 8:52 p.m.72 views

CVE-2019-19704

CVE-2019-19704 affects JetBrains Upsource prior to 2020.1, where an incorrect user matching algorithm could lead to information disclosure. The Red Hat/CNVD/NVD entries corroborate that Upsource before 2020.1 is vulnerable due to this issue. The Red Hat entry and CNVD descriptions consistently st...

7.5CVSS7.2AI score0.01345EPSS
CVE
CVE
added 2019/10/02 6:52 p.m.55 views

CVE-2019-12156

CVE-2019-12156 affects JetBrains TeamCity (before 2018.2.5) and UpSource (before 2018.2 build 1293). Root cause: an error message could reflect the entire server response, leading to exposure of server metadata. Impact: potential disclosure of sensitive information via error responses. Remediatio...

5.3CVSS5.2AI score0.00904EPSS
CVE
CVE
added 2021/05/11 12:16 p.m.51 views

CVE-2021-30482

Affected software: JetBrains Upsource (prior to 2020.1.1883). The CVE-2021-30482 issue is that application passwords were not revoked correctly due to a flaw in Upsource’s password handling. Impact is stated as High risk; remediation: upgrade to version 2020.1.1883 or later where the issue is fix...

7.5CVSS7.5AI score0.00944EPSS