Total
150 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-31909 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible. | |||||
CVE-2021-31911 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages. | |||||
CVE-2021-37547 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made. | |||||
CVE-2021-25775 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.5 MEDIUM | 3.8 LOW |
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users. | |||||
CVE-2021-25773 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. | |||||
CVE-2020-27628 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. | |||||
CVE-2020-27629 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. | |||||
CVE-2021-25772 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. | |||||
CVE-2020-35667 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials. | |||||
CVE-2021-25776 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. | |||||
CVE-2021-25777 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly. | |||||
CVE-2021-25778 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly. | |||||
CVE-2020-27627 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | |||||
CVE-2021-25774 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user. | |||||
CVE-2020-15825 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges. | |||||
CVE-2020-15831 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. | |||||
CVE-2020-15826 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have. | |||||
CVE-2020-11686 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.0 MEDIUM | 2.7 LOW |
In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. | |||||
CVE-2020-15830 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. | |||||
CVE-2020-15829 | 1 Jetbrains | 1 Teamcity | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs. |