GCVE - cpe:2.3:a:jetbrains:toolbox_app:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:jetbrains:toolbox_app:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Jetbrains (`b1b7db7a-bd16-5477-8e89-fb64c5636fcd`)
Product	Toolbox App (`a8fc925a-4f2e-5257-b52d-45f2e9c5bd76`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-43014`	vulnerable	2026-06-03 15:01:16.485429	Details available MEDIUM (6.1) In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation Published: 2025-04-17T15:56:04.945Z Updated: 2025-04-17T18:01:48.899Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-43013`	vulnerable	2026-06-03 15:01:16.485019	Details available MEDIUM (6.9) In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible Published: 2025-04-17T15:56:04.549Z Updated: 2025-04-17T18:02:40.928Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-43012`	vulnerable	2026-06-03 15:01:16.483804	Details available HIGH (8.3) In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible Published: 2025-04-17T15:56:04.085Z Updated: 2026-02-26T18:28:10.963Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-42921`	vulnerable	2026-06-03 15:01:16.340162	Details available MEDIUM (4.2) In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin Published: 2025-04-17T15:56:03.552Z Updated: 2025-04-17T18:03:03.904Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-24943`	vulnerable	2026-06-03 14:55:06.157393	Details available MEDIUM (5.3) In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image Published: 2024-02-06T09:21:32.556Z Updated: 2024-08-01T23:36:20.594Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-48481`	vulnerable	2026-06-03 14:48:33.604570	Details available MEDIUM (5.2) In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible Published: 2023-04-28T09:22:37.543Z Updated: 2025-01-30T20:50:54.035Z Open on db.gcve.eu Reference links https://www.jetbrains.com/privacy-security/issues-fixed/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.