When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
“Most of these refer to issues discovered in upstream libraries.
The standard practice in such cases is updating them immediately to avoid security risks.
(Image Credit: TheDigitalArtist / Pixabay)
This is almost a daily occurence for any tech product,” he added."
This time around, not even CVEs had been listed, which surprised the wider cybersecurity community.
In its writeup,The Registerspeculates that this was JetBrains response to the recent disclosure drama involving Rapid7.
Consequently, some systems were breached.
Other researchers believe this could have something to do with the recent security incidents at TeamCity.
In early March 2024, the company released a patch for two high-severity flaws plaguing its product.
Soon after, CISA added it to its KEV list, signaling in-the-wild abuse.
The list can be foundhere.
