Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-03 | CVE-2021-25774 | In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | Teamcity | 4.3 | ||
| 2021-02-03 | CVE-2021-25775 | In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | Teamcity | 3.8 | ||
| 2021-02-03 | CVE-2021-25776 | In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | Teamcity | 7.5 | ||
| 2021-02-03 | CVE-2021-25777 | In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | Teamcity | 5.3 | ||
| 2021-02-03 | CVE-2021-25778 | In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. | Teamcity | 5.3 | ||
| 2021-05-11 | CVE-2021-26309 | Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions. | Teamcity | 3.3 | ||
| 2021-05-11 | CVE-2021-26310 | In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible. | Teamcity | 7.5 | ||
| 2021-05-11 | CVE-2021-31904 | In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page. | Teamcity | 6.1 | ||
| 2021-05-11 | CVE-2021-31906 | In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file. | Teamcity | 2.7 | ||
| 2021-05-11 | CVE-2021-31907 | In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly. | Teamcity | 5.3 |