Total
236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35667 | 1 Jetbrains | 1 Teamcity | 2021-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials. | |||||
| CVE-2021-25774 | 1 Jetbrains | 1 Teamcity | 2021-02-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | |||||
| CVE-2021-25772 | 1 Jetbrains | 1 Teamcity | 2021-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. | |||||
| CVE-2021-25776 | 1 Jetbrains | 1 Teamcity | 2021-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | |||||
| CVE-2021-25777 | 1 Jetbrains | 1 Teamcity | 2021-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | |||||
| CVE-2021-25773 | 1 Jetbrains | 1 Teamcity | 2021-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. | |||||
| CVE-2019-12157 | 1 Jetbrains | 2 Teamcity, Upsource | 2021-01-26 | 10.0 HIGH | 9.8 CRITICAL |
| In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands. | |||||
| CVE-2020-27629 | 1 Jetbrains | 1 Teamcity | 2020-12-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. | |||||
| CVE-2020-27627 | 1 Jetbrains | 1 Teamcity | 2020-12-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | |||||
| CVE-2020-27628 | 1 Jetbrains | 1 Teamcity | 2020-11-23 | 4.0 MEDIUM | 4.3 MEDIUM |
| In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. | |||||
| CVE-2019-12845 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3. | |||||
| CVE-2019-12846 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity 2018.2.2. | |||||
| CVE-2019-15038 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1. | |||||
| CVE-2019-15039 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 6.8 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possible remote code execution issue. This was fixed in TeamCity 2019.1. | |||||
| CVE-2019-12843 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A possible stored JavaScript injection requiring a deliberate server administrator action was detected. The issue was fixed in JetBrains TeamCity 2018.2.3. | |||||
| CVE-2019-12844 | 1 Jetbrains | 1 Teamcity | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A possible stored JavaScript injection was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.3. | |||||
| CVE-2020-15830 | 1 Jetbrains | 1 Teamcity | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. | |||||
| CVE-2020-15831 | 1 Jetbrains | 1 Teamcity | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. | |||||
| CVE-2020-11687 | 1 Jetbrains | 1 Teamcity | 2020-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages. | |||||
| CVE-2020-11688 | 1 Jetbrains | 1 Teamcity | 2020-04-27 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session. | |||||