Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-12-08 | CVE-2022-46831 | In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators. | Teamcity | 4.9 | ||
| 2023-02-23 | CVE-2022-48342 | In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. | Teamcity | 9.8 | ||
| 2023-02-23 | CVE-2022-48343 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process. | Teamcity | 6.1 | ||
| 2023-02-23 | CVE-2022-48344 | In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process. | Teamcity | 6.1 | ||
| 2023-03-27 | CVE-2022-48426 | In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible | Teamcity | 5.4 | ||
| 2023-03-27 | CVE-2022-48427 | In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possible | Teamcity | 5.4 | ||
| 2023-03-27 | CVE-2022-48428 | In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible | Teamcity | 5.4 | ||
| 2023-05-31 | CVE-2023-34218 | In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possible | Teamcity | 9.8 | ||
| 2023-05-31 | CVE-2023-34219 | In JetBrains TeamCity before 2023.05 improper permission checks allowed users without appropriate permissions to edit Build Configuration settings via REST API | Teamcity | 4.3 | ||
| 2023-05-31 | CVE-2023-34220 | In JetBrains TeamCity before 2023.05 stored XSS in the Commit Status Publisher window was possible | Teamcity | 5.4 |