Teamcity

teamcity

Vendor: Jetbrains • 269 CVEs

CVEs (269)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-28173 1Jetbrains 1Teamcity Dec 16, 2024 Mar 6, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosed
CVE-2024-27199 1Jetbrains 1Teamcity Apr 21, 2026 Mar 4, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
CVE-2024-27198 1Jetbrains 1Teamcity Oct 24, 2025 Mar 4, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
CVE-2024-24942 1Jetbrains 1Teamcity Nov 21, 2024 Feb 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
CVE-2024-24938 1Jetbrains 1Teamcity Nov 21, 2024 Feb 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
CVE-2024-24937 1Jetbrains 1Teamcity Nov 21, 2024 Feb 6, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible
CVE-2024-24936 1Jetbrains 1Teamcity Nov 21, 2024 Feb 6, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
CVE-2024-23917 1Jetbrains 1Teamcity Nov 21, 2024 Feb 6, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
CVE-2023-50870 1Jetbrains 1Teamcity Nov 21, 2024 Dec 15, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
CVE-2023-43566 1Jetbrains 1Teamcity Nov 21, 2024 Sep 19, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.4 stored XSS was possible during nodes configuration
CVE-2023-42793 1Jetbrains 1Teamcity Oct 24, 2025 Sep 19, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
CVE-2023-41250 1Jetbrains 1Teamcity Nov 21, 2024 Aug 25, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration
CVE-2023-41249 1Jetbrains 1Teamcity Nov 21, 2024 Aug 25, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step
CVE-2023-41248 1Jetbrains 1Teamcity Nov 21, 2024 Aug 25, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration
CVE-2023-39175 1Jetbrains 1Teamcity Nov 21, 2024 Jul 25, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.2 reflected XSS via GitHub integration was possible
CVE-2023-39174 1Jetbrains 1Teamcity Nov 21, 2024 Jul 25, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue trackers
CVE-2023-39173 1Jetbrains 1Teamcity Nov 21, 2024 Jul 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access
CVE-2023-38067 1Jetbrains 1Teamcity Nov 21, 2024 Jul 12, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.1 build parameters of the "password" type could be written to the agent log
CVE-2023-38066 1Jetbrains 1Teamcity Nov 21, 2024 Jul 12, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.1 reflected XSS via the Referer header was possible during artifact downloads
CVE-2023-38065 1Jetbrains 1Teamcity Nov 21, 2024 Jul 12, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2023.05.1 stored XSS while viewing the build log was possible

Previous 1...678...14 Next