JetBrains

YouTrack

105 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.7

CVE-2025-64773

  • EPSS 0%
  • Veröffentlicht 11.11.2025 15:23:19
  • Zuletzt bearbeitet 21.11.2025 12:57:53

In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit

6.5

CVE-2025-64690

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:28:02
  • Zuletzt bearbeitet 02.12.2025 11:17:57

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

7.5

CVE-2025-64689

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:28:01
  • Zuletzt bearbeitet 02.12.2025 11:17:29

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

5.3

CVE-2025-64687

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:59
  • Zuletzt bearbeitet 02.12.2025 11:16:29

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.

7.3

CVE-2025-64688

  • EPSS 0.01%
  • Veröffentlicht 10.11.2025 13:27:59
  • Zuletzt bearbeitet 02.12.2025 11:17:02

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.

7.5

CVE-2025-64685

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:58
  • Zuletzt bearbeitet 21.11.2025 16:03:45

In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure

5.3

CVE-2025-64686

  • EPSS 0.01%
  • Veröffentlicht 10.11.2025 13:27:58
  • Zuletzt bearbeitet 02.12.2025 11:15:51

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.

7.5

CVE-2025-64684

  • EPSS 0%
  • Veröffentlicht 10.11.2025 13:27:57
  • Zuletzt bearbeitet 21.11.2025 16:04:15

In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form

5.4

CVE-2025-57731

  • EPSS 0.05%
  • Veröffentlicht 20.08.2025 09:13:59
  • Zuletzt bearbeitet 21.08.2025 15:17:15

In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content

6.1

CVE-2025-54527

  • EPSS 0.01%
  • Veröffentlicht 28.07.2025 16:20:38
  • Zuletzt bearbeitet 01.12.2025 19:23:32

In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions