Jetbrains: >> Teamcity >> 2.0 Security Vulnerabilities
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
CVSS Score
3.5
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
CVSS Score
6.4
EPSS Score
0.0
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVSS Score
4.6
EPSS Score
0.436
Published
2024-07-22
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
CVSS Score
3.5
EPSS Score
0.001
Published
2024-07-22
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
CVSS Score
4.1
EPSS Score
0.0
Published
2024-07-01
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
CVSS Score
5.0
EPSS Score
0.0
Published
2024-07-01
In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed
CVSS Score
5.3
EPSS Score
0.0
Published
2024-05-29
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-05-29
In JetBrains TeamCity before 2024.03.2 certain TeamCity API endpoints did not check user permissions
CVSS Score
6.5
EPSS Score
0.0
Published
2024-05-29
In JetBrains TeamCity before 2024.03.2 server was susceptible to DoS attacks with incorrect auth tokens
CVSS Score
5.9
EPSS Score
0.0
Published
2024-05-29