Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains teamcity vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-43202
In JetBrains TeamCity prior to 2021.1.3, the X-Frame-Options header is missing in some cases.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2020-27629
In JetBrains TeamCity prior to 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2022-40979
In JetBrains TeamCity prior to 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable
Jetbrains Teamcity
4.9
CVSSv3
CVE-2020-11938
In JetBrains TeamCity 2018.2 up to and including 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.
Jetbrains Teamcity
6.1
CVSSv3
CVE-2019-12842
A reflected XSS on a user page was detected on one of the JetBrains TeamCity pages. The issue was fixed in TeamCity 2018.2.2.
Jetbrains Teamcity
5.3
CVSSv3
CVE-2019-12845
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3.
Jetbrains Teamcity
9.8
CVSSv3
CVE-2024-27198
In JetBrains TeamCity prior to 2023.11.4 authentication bypass allowing to perform admin actions was possible
Jetbrains Teamcity
1 Metasploit module
14 Github repositories
6 Articles
5.4
CVSSv3
CVE-2023-43566
In JetBrains TeamCity prior to 2023.05.4 stored XSS was possible during nodes configuration
Jetbrains Teamcity
5.3
CVSSv3
CVE-2021-43194
In JetBrains TeamCity prior to 2021.1.2, user enumeration was possible.
Jetbrains Teamcity
6.1
CVSSv3
CVE-2021-43197
In JetBrains TeamCity prior to 2021.1.2, email notifications could include unescaped HTML for XSS.
Jetbrains Teamcity
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »