![webstorm youtrack webstorm youtrack](https://plugins.jetbrains.com/files/10456/89950/icon/pluginIcon.png)
This security vulnerability affects YouTrack instances from version 2018.1 to version 202. On December 9, 2021, a security vulnerability was found in a third-party library used in JetBrains YouTrack.
#Webstorm youtrack update
Please read this announcement for a full update on the current situation and immediate action that you must take if you run a YouTrack Standalone installation. We have analyzed access logs and found that no attempts were made to exploit the vulnerability before we eliminated it from YouTrack InCloud.Īdministrators of some YouTrack Standalone installations must take further action to secure their instances. YouTrack InCloud customers are already safe. This announcement is about a security vulnerability that was found in a third-party library used in JetBrains YouTrack. Please refer to the section Securing YouTrack and Hub without upgrading below for details.įor further updates and community discussion on the topic, please follow this issue. We’ve found a workaround solution that lets customers without upgrade subscriptions secure their installations.
#Webstorm youtrack install
Please download and install these YouTrack and Hub versions. To address another vulnerability, CVE-2021-45046, we released YouTrack 209 and Hub 208 on December 16, 2021. To the best of our knowledge, the newly discovered CVE-2021-45105 does not affect YouTrack or Hub. You can subscribe to the security bulletin here. Any new information relating to the log4j CVEs will be published in our quarterly security bulletin. We will no longer be updating this blog post. Feel free to download and install these YouTrack and Hub versions. To the best of our knowledge, these YouTrack and Hub versions are not affected by any known log4j-related vulnerabilities discovered to date (CVE-2021-44228, CVE-2021-45046, CVE-2021-44832 and CVE-2021-45105). The latest YouTrack and Hub versions (2021.4.37 respectively) released on December 21st include log4j 2.17. Securing YouTrack and Hub without upgrading.Actions for YouTrack Standalone administrators.