WebStorm
by Jetbrains
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-37051 | 0.01 | — | 0.04 | Jun 10, 2024 | GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3,… | |||
| CVE-2024-52555 | 0.00 | — | 0.00 | Nov 15, 2024 | In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script | |||
| CVE-2021-31897 | 0.00 | — | 0.02 | May 11, 2021 | In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects. | |||
| CVE-2021-31898 | 0.00 | — | 0.01 | May 11, 2021 | In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS. |
- CVE-2024-37051Jun 10, 2024risk 0.01cvss —epss 0.04
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3,…
- CVE-2024-52555Nov 15, 2024risk 0.00cvss —epss 0.00
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script
- CVE-2021-31897May 11, 2021risk 0.00cvss —epss 0.02
In JetBrains WebStorm before 2021.1, code execution without user confirmation was possible for untrusted projects.
- CVE-2021-31898May 11, 2021risk 0.00cvss —epss 0.01
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS.