Teamcity

teamcity

Vendor: Jetbrains • 269 CVEs

CVEs (269)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-26310 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.
CVE-2021-26309 1Jetbrains 1Teamcity Nov 21, 2024 May 11, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.
CVE-2021-25778 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
CVE-2021-25777 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.
CVE-2021-25776 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.
CVE-2021-25775 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 3.8 LOW· v3 5.5 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.
CVE-2021-25774 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.
CVE-2021-25773 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.
CVE-2021-25772 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.
CVE-2020-35667 1Jetbrains 1Teamcity Nov 21, 2024 Feb 3, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.
CVE-2020-27627 1Jetbrains 1Teamcity Nov 21, 2024 Nov 16, 2020 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
CVE-2020-27629 1Jetbrains 1Teamcity Nov 21, 2024 Nov 16, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
CVE-2020-27628 1Jetbrains 1Teamcity Nov 21, 2024 Nov 16, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
CVE-2020-15831 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
CVE-2020-15830 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
CVE-2020-15829 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
CVE-2020-15828 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
CVE-2020-15826 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
CVE-2020-15825 1Jetbrains 1Teamcity Nov 21, 2024 Aug 8, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
CVE-2020-11938 1Jetbrains 1Teamcity Nov 21, 2024 Apr 22, 2020 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.

Previous 1...10 111213 14 Next