Primary

Context

JetBrains YouTrack Missing TLS Certificate Validation Vulnerability Allowing Data Disclosure

Vulnerability

Patched

A vulnerability exists in JetBrains YouTrack versions prior to 2025.3.104432, where the application fails to properly validate TLS certificates. This oversight can lead to unauthorized data disclosure.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information, due to the lack of proper TLS certificate validation.

Remediation

Users can update to YouTrack version 2025.3.104432 or later to address this vulnerability.

Added: Nov 10, 2025, 2:28 PM

Updated: Nov 10, 2025, 2:28 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

6.2

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

JetBrains YouTrack Missing TLS Certificate Validation Vulnerability Allowing Data Disclosure

Vulnerability

Impact

Remediation

Affected Products

JetBrains YouTrack

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating