Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
teamcity vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-15848
JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.
Jetbrains Teamcity 2019.1
Jetbrains Teamcity 2019.1.1
9.8
CVSSv3
CVE-2019-18364
In JetBrains TeamCity prior to 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2019-18366
In JetBrains TeamCity prior to 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2021-25772
In JetBrains TeamCity prior to 2020.2.2, TeamCity server DoS was possible via server integration.
Jetbrains Teamcity
4.3
CVSSv3
CVE-2021-25774
In JetBrains TeamCity prior to 2020.2.1, a user could get access to the GitHub access token of another user.
Jetbrains Teamcity
7.5
CVSSv3
CVE-2021-25776
In JetBrains TeamCity prior to 2020.2, an ECR token could be exposed in a build's parameters.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2021-25777
In JetBrains TeamCity prior to 2020.2.1, permissions during token removal were checked improperly.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2021-25778
In JetBrains TeamCity prior to 2020.2.1, permissions during user deletion were checked improperly.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2022-40979
In JetBrains TeamCity prior to 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
Jetbrains Teamcity
6.5
CVSSv3
CVE-2022-36321
In JetBrains TeamCity prior to 2022.04.2 the private SSH key could be written to the build log in some cases
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »