Teamcity

teamcity

Vendor: Jetbrains • 269 CVEs

CVEs (269)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-48344 1Jetbrains 1Teamcity Nov 21, 2024 Feb 23, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.
CVE-2022-48343 1Jetbrains 1Teamcity Nov 21, 2024 Feb 23, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process.
CVE-2022-48342 1Jetbrains 1Teamcity Nov 21, 2024 Feb 23, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
CVE-2022-46831 1Jetbrains 1Teamcity Nov 21, 2024 Dec 8, 2022 N/A· v4 4.9 MEDIUM· v3 N/A· v2 In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system admi...Show more In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default Credential Provider Chain" allowed TeamCity project administrators to access AWS resources normally limited to TeamCity system administrators.Show less
CVE-2022-46830 1Jetbrains 1Teamcity Nov 21, 2024 Dec 8, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port scanning.
CVE-2022-44646 1Jetbrains 1Teamcity Nov 21, 2024 Nov 3, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings
CVE-2022-44624 1Jetbrains 1Teamcity Nov 21, 2024 Nov 3, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special characters
CVE-2022-44623 1Jetbrains 1Teamcity Nov 21, 2024 Nov 3, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 In JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settings
CVE-2022-44622 1Jetbrains 1Teamcity Nov 21, 2024 Nov 3, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
CVE-2022-40979 1Jetbrains 1Teamcity Nov 21, 2024 Sep 23, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
CVE-2022-38133 1Jetbrains 1Teamcity Nov 21, 2024 Aug 10, 2022 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases
CVE-2022-36322 1Jetbrains 1Teamcity Nov 21, 2024 Jul 20, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 In JetBrains TeamCity before 2022.04.2 build parameter injection was possible
CVE-2022-36321 1Jetbrains 1Teamcity Nov 21, 2024 Jul 20, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases
CVE-2022-29929 1Jetbrains 1Teamcity Nov 21, 2024 May 12, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible
CVE-2022-29928 1Jetbrains 1Teamcity Nov 21, 2024 May 12, 2022 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible
CVE-2022-29927 1Jetbrains 1Teamcity Nov 21, 2024 May 12, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 In JetBrains TeamCity before 2022.04 reflected XSS on the Build Chain Status page was possible
CVE-2022-25264 1Jetbrains 1Teamcity Nov 21, 2024 Feb 25, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases.
CVE-2022-25263 1Jetbrains 1Teamcity Nov 21, 2024 Feb 25, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push feature configuration.
CVE-2022-25261 1Jetbrains 1Teamcity Nov 21, 2024 Feb 25, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JetBrains TeamCity before 2021.2.2 was vulnerable to reflected XSS.
CVE-2022-24342 1Jetbrains 1Teamcity Nov 21, 2024 Feb 25, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In JetBrains TeamCity before 2021.2.1, URL injection leading to CSRF was possible.

Previous 1...8910...14 Next