Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-02-06 | CVE-2024-24938 | In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation | Teamcity | 5.3 | ||
| 2024-02-06 | CVE-2024-24942 | In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives | Teamcity | 5.3 | ||
| 2024-03-28 | CVE-2024-31135 | In JetBrains TeamCity before 2024.03 open redirect was possible on the login page | Teamcity | 6.1 | ||
| 2024-03-28 | CVE-2024-31137 | In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration | Teamcity | 6.1 | ||
| 2024-03-28 | CVE-2024-31138 | In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings | Teamcity | 5.4 | ||
| 2024-07-01 | CVE-2024-39878 | In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection | Teamcity | 5.3 | ||
| 2024-07-01 | CVE-2024-39879 | In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings | Teamcity | 5.3 | ||
| 2024-07-22 | CVE-2024-41824 | In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases | Teamcity | 6.5 | ||
| 2024-07-22 | CVE-2024-41825 | In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab | Teamcity | 5.4 | ||
| 2024-07-22 | CVE-2024-41826 | In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page | Teamcity | 4.8 |