Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 197 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-08-08 | CVE-2020-15831 | JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. | Teamcity | 6.1 | ||
| 2020-11-16 | CVE-2020-27628 | In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. | Teamcity | 4.3 | ||
| 2020-11-16 | CVE-2020-27629 | In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. | Teamcity | 5.3 | ||
| 2020-11-16 | CVE-2020-27627 | JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | Teamcity | 6.1 | ||
| 2021-02-03 | CVE-2020-35667 | JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials. | Teamcity | 7.5 | ||
| 2021-02-03 | CVE-2021-25772 | In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. | Teamcity | 5.3 | ||
| 2021-02-03 | CVE-2021-25773 | JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. | Teamcity | 6.1 | ||
| 2021-02-03 | CVE-2021-25774 | In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | Teamcity | 4.3 | ||
| 2021-02-03 | CVE-2021-25775 | In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | Teamcity | 3.8 | ||
| 2021-02-03 | CVE-2021-25776 | In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | Teamcity | 7.5 |