Approved changes feed: RSS · Atom
cpe:2.3:a:jetbrains:toolbox:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Jetbrains (b1b7db7a-bd16-5477-8e89-fb64c5636fcd) |
|---|---|
| Product | Toolbox (9162ea26-d610-5cf1-be69-9fcc8fa326e5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-43014 |
vulnerable | 2026-06-03 15:01:16.485556 |
Details available
MEDIUM (6.1)
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
Published: 2025-04-17T15:56:04.945Z
Updated: 2025-04-17T18:01:48.899Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-43013 |
vulnerable | 2026-06-03 15:01:16.485066 |
Details available
MEDIUM (6.9)
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
Published: 2025-04-17T15:56:04.549Z
Updated: 2025-04-17T18:02:40.928Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-43012 |
vulnerable | 2026-06-03 15:01:16.483842 |
Details available
HIGH (8.3)
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
Published: 2025-04-17T15:56:04.085Z
Updated: 2026-02-26T18:28:10.963Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-42921 |
vulnerable | 2026-06-03 15:01:16.341364 |
Details available
MEDIUM (4.2)
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
Published: 2025-04-17T15:56:03.552Z
Updated: 2025-04-17T18:03:03.904Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24943 |
vulnerable | 2026-06-03 14:55:06.158177 |
Details available
MEDIUM (5.3)
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
Published: 2024-02-06T09:21:32.556Z
Updated: 2024-08-01T23:36:20.594Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-48481 |
vulnerable | 2026-06-03 14:48:33.605185 |
Details available
MEDIUM (5.2)
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible
Published: 2023-04-28T09:22:37.543Z
Updated: 2025-01-30T20:50:54.035Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25207 |
vulnerable | 2026-06-03 14:42:08.904914 |
Details available
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
Published: 2020-11-16T15:01:02.000Z
Updated: 2024-08-04T15:33:05.069Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-25013 |
vulnerable | 2026-06-03 14:42:08.343488 |
Details available
JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.
Published: 2020-11-16T15:00:24.000Z
Updated: 2024-08-04T15:26:09.237Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15827 |
vulnerable | 2026-06-03 14:41:46.739294 |
Details available
In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file.
Published: 2020-08-08T20:24:52.000Z
Updated: 2024-08-04T13:30:21.844Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-14959 |
vulnerable | 2026-06-03 14:39:46.893340 |
Details available
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
Published: 2019-10-02T18:37:57.000Z
Updated: 2024-08-05T00:34:53.164Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.