Approved changes feed: RSS · Atom
cpe:2.3:a:jetbrains:pycharm:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Jetbrains (b1b7db7a-bd16-5477-8e89-fb64c5636fcd) |
|---|---|
| Product | Pycharm (144afe2e-4cf3-5b75-a90c-e1809c6a1215) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-49384 |
vulnerable | 2026-06-03 15:26:24.136200 |
Details available
MEDIUM (6.1)
In JetBrains PyCharm before 2025.3.4 stored XSS in Jupyter notebook Markdown cells was possible
Published: 2026-05-29T18:15:53.938Z
Updated: 2026-05-29T19:27:26.582Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-25847 |
vulnerable | 2026-06-03 15:18:04.386355 |
Details available
HIGH (8.2)
In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible
Published: 2026-02-09T10:39:00.791Z
Updated: 2026-02-26T15:04:15.134Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-37051 |
vulnerable | 2026-06-03 14:56:05.587148 |
Details available
CRITICAL (9.3)
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
Published: 2024-06-10T15:58:06.021Z
Updated: 2025-02-13T17:52:58.741Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29821 |
vulnerable | 2026-06-03 14:46:58.937988 |
Details available
MEDIUM (6.9)
In JetBrains Rider before 2022.1 local code execution via links in ReSharper Quick Documentation was possible
Published: 2022-04-28T09:55:31.000Z
Updated: 2024-08-03T06:33:42.841Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29820 |
vulnerable | 2026-06-03 14:46:58.936735 |
Details available
LOW (3)
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible
Published: 2022-04-28T09:55:30.000Z
Updated: 2024-08-03T06:33:42.663Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-30005 |
vulnerable | 2026-06-03 14:44:27.247593 |
Details available
In JetBrains PyCharm before 2020.3.4, local code execution was possible because of insufficient checks when getting the project from VCS.
Published: 2021-05-11T11:42:55.000Z
Updated: 2024-08-03T22:24:59.108Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-14958 |
vulnerable | 2026-06-03 14:39:46.891541 |
Details available
JetBrains PyCharm before 2019.2 was allocating a buffer of unknown size for one of the connection processes. In a very specific situation, it could lead to a remote invocation of an OOM error message because of Uncontrolled Memory Allocation.
Published: 2019-10-02T18:40:23.000Z
Updated: 2024-08-05T00:34:52.799Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.