Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-12 | CVE-2022-29929 | In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible | Teamcity | 6.1 | ||
| 2022-07-20 | CVE-2022-36321 | In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases | Teamcity | 6.5 | ||
| 2022-07-20 | CVE-2022-36322 | In JetBrains TeamCity before 2022.04.2 build parameter injection was possible | Teamcity | 8.8 | ||
| 2022-08-10 | CVE-2022-38133 | In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases | Teamcity | 5.3 | ||
| 2022-09-23 | CVE-2022-40979 | In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable | Teamcity | 5.3 | ||
| 2022-11-03 | CVE-2022-44622 | In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive | Teamcity | 5.3 | ||
| 2022-11-03 | CVE-2022-44623 | In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings | Teamcity | 7.5 | ||
| 2022-11-03 | CVE-2022-44624 | In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters | Teamcity | 7.5 | ||
| 2022-11-03 | CVE-2022-44646 | In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings | Teamcity | 5.3 | ||
| 2022-12-08 | CVE-2022-46830 | In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning. | Teamcity | 5.3 |