Teamcity CVEs and Security Vulnerabilities

Filtered by vendor Jetbrains Subscriptions

Filtered by product Teamcity Subscriptions

Search

Switch to Advanced Search (Beta)

Total 209 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-41828	1 Jetbrains	1 Teamcity	2024-11-21	2.6 Low
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
CVE-2024-41827	1 Jetbrains	1 Teamcity	2024-11-21	7.4 High
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
CVE-2024-41826	1 Jetbrains	1 Teamcity	2024-11-21	3.5 Low
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
CVE-2024-41825	1 Jetbrains	1 Teamcity	2024-11-21	4.6 Medium
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVE-2024-41824	1 Jetbrains	1 Teamcity	2024-11-21	6.4 Medium
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
CVE-2024-39879	1 Jetbrains	1 Teamcity	2024-11-21	5 Medium
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
CVE-2024-39878	1 Jetbrains	1 Teamcity	2024-11-21	4.1 Medium
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
CVE-2024-31138	1 Jetbrains	1 Teamcity	2024-11-21	4.6 Medium
In JetBrains TeamCity before 2024.03 xSS was possible via Agent Distribution settings
CVE-2024-31137	1 Jetbrains	1 Teamcity	2024-11-21	6.8 Medium
In JetBrains TeamCity before 2024.03 reflected XSS was possible via Space connection configuration
CVE-2024-31135	1 Jetbrains	1 Teamcity	2024-11-21	6.1 Medium
In JetBrains TeamCity before 2024.03 open redirect was possible on the login page
CVE-2024-24942	1 Jetbrains	1 Teamcity	2024-11-21	5.3 Medium
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
CVE-2024-24938	1 Jetbrains	1 Teamcity	2024-11-21	5.3 Medium
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
CVE-2024-24937	1 Jetbrains	1 Teamcity	2024-11-21	4.6 Medium
In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVE-2024-24936	1 Jetbrains	1 Teamcity	2024-11-21	4.3 Medium
In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVE-2024-23917	1 Jetbrains	1 Teamcity	2024-11-21	9.8 Critical
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
CVE-2023-50870	1 Jetbrains	1 Teamcity	2024-11-21	4.3 Medium
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
CVE-2023-43566	1 Jetbrains	1 Teamcity	2024-11-21	3.5 Low
In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
CVE-2023-41250	1 Jetbrains	1 Teamcity	2024-11-21	3.5 Low
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
CVE-2023-41249	1 Jetbrains	1 Teamcity	2024-11-21	4.6 Medium
In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
CVE-2023-41248	1 Jetbrains	1 Teamcity	2024-11-21	4.6 Medium
In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration

« first previous Page 4 of 11. next last »