Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-11-03 | CVE-2022-44624 | In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters | Teamcity | 7.5 | ||
| 2022-11-03 | CVE-2022-44646 | In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings | Teamcity | 5.3 | ||
| 2022-12-08 | CVE-2022-46830 | In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning. | Teamcity | 5.3 | ||
| 2022-12-08 | CVE-2022-46831 | In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators. | Teamcity | 4.9 | ||
| 2023-02-23 | CVE-2022-48342 | In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. | Teamcity | 9.8 | ||
| 2023-02-23 | CVE-2022-48343 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process. | Teamcity | 6.1 | ||
| 2023-02-23 | CVE-2022-48344 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process. | Teamcity | 6.1 | ||
| 2023-03-27 | CVE-2022-48426 | In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible | Teamcity | 5.4 | ||
| 2023-03-27 | CVE-2022-48427 | In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible | Teamcity | 5.4 | ||
| 2023-03-27 | CVE-2022-48428 | In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible | Teamcity | 5.4 |