Jetbrains Toolbox App vulnerabilities
6 known vulnerabilities affecting jetbrains/toolbox_app.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2025-43012P3CRITICALCVSS 9.8fixed in 2.62025-04-17
CVE-2025-43012 [CRITICAL] CWE-77 CVE-2025-43012: In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible
nvd
CVE-2025-43013P3HIGHCVSS 7.5fixed in 2.62025-04-17
CVE-2025-43013 [HIGH] CWE-319 CVE-2025-43013: In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication wa
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
nvd
CVE-2022-48481P3HIGHCVSS 7.8fixed in 1.282023-04-28
CVE-2022-48481 [HIGH] CWE-691 CVE-2022-48481: In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible
In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible
nvd
CVE-2025-42921P4MEDIUMCVSS 6.5fixed in 2.62025-04-17
CVE-2025-42921 [MEDIUM] CWE-297 CVE-2025-42921: In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
nvd
CVE-2025-43014P4MEDIUMCVSS 6.5fixed in 2.62025-04-17
CVE-2025-43014 [MEDIUM] CWE-304 CVE-2025-43014: In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user c
In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation
nvd
CVE-2024-24943P4MEDIUMCVSS 5.5fixed in 2.22024-02-06
CVE-2024-24943 [MEDIUM] CWE-400 CVE-2024-24943: In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
In JetBrains Toolbox App before 2.2 a DoS attack was possible via a malicious SVG image
nvd