CVE-2025-64688
- EPSS 0.01%
- Veröffentlicht 10.11.2025 13:27:59
- Zuletzt bearbeitet 02.12.2025 11:17:02
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it relates to internal functionality that is not available to customers.
CVE-2025-64685
- EPSS 0.22%
- Veröffentlicht 10.11.2025 13:27:58
- Zuletzt bearbeitet 21.11.2025 16:03:45
In JetBrains YouTrack before 2025.3.104432 missing TLS certificate validation enabled data disclosure
CVE-2025-64686
- EPSS 0.01%
- Veröffentlicht 10.11.2025 13:27:58
- Zuletzt bearbeitet 02.12.2025 11:15:51
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was fixed before public disclosure and did not affect any released versions.
CVE-2025-64684
- EPSS 0.31%
- Veröffentlicht 10.11.2025 13:27:57
- Zuletzt bearbeitet 21.11.2025 16:04:15
In JetBrains YouTrack before 2025.3.104432 information disclosure was possible via the feedback form
CVE-2025-57731
- EPSS 0.26%
- Veröffentlicht 20.08.2025 09:13:59
- Zuletzt bearbeitet 21.08.2025 15:17:15
In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
CVE-2025-54527
- EPSS 0.25%
- Veröffentlicht 28.07.2025 16:20:38
- Zuletzt bearbeitet 01.12.2025 19:23:32
In JetBrains YouTrack before 2025.2.86935, 2025.2.87167, 2025.3.87341, 2025.3.87344 improper iframe configuration in widget sandbox allows popups to bypass security restrictions
CVE-2025-53959
- EPSS 0.26%
- Veröffentlicht 15.07.2025 16:26:57
- Zuletzt bearbeitet 14.10.2025 14:14:50
In JetBrains YouTrack before 2025.2.86069, 2024.3.85077, 2025.1.86199 email spoofing via an administrative API was possible
CVE-2025-47850
- EPSS 0.31%
- Veröffentlicht 20.05.2025 17:37:43
- Zuletzt bearbeitet 30.09.2025 18:55:14
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue cloning
CVE-2025-48391
- EPSS 0.35%
- Veröffentlicht 20.05.2025 17:37:42
- Zuletzt bearbeitet 30.09.2025 18:51:44
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API
CVE-2025-24457
- EPSS 0.59%
- Veröffentlicht 21.01.2025 18:15:18
- Zuletzt bearbeitet 30.01.2025 21:31:24
In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs