VYPR

Teamcity

by Jetbrains

Source repositories

CVEs (267)

  • CVE-2021-43198Nov 9, 2021
    risk 0.00cvss epss 0.00

    In JetBrains TeamCity before 2021.1.2, stored XSS is possible.

  • CVE-2021-43200Nov 9, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.

  • CVE-2021-43201Nov 9, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2021.1.3, a newly created project could take settings from an already deleted project.

  • CVE-2021-37548Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.

  • CVE-2021-37547Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.

  • CVE-2021-37546Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.

  • CVE-2021-37545Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.

  • CVE-2021-37544Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.

  • CVE-2021-37542Aug 6, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.3, XSS was possible.

  • CVE-2021-31915May 11, 2021
    risk 0.00cvss epss 0.03

    In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible.

  • CVE-2021-31914May 11, 2021
    risk 0.00cvss epss 0.02

    In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible.

  • CVE-2021-31913May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during GitHub SSO token exchange.

  • CVE-2021-31912May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.

  • CVE-2021-31911May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.3, reflected XSS was possible on several pages.

  • CVE-2021-31910May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.

  • CVE-2021-31908May 11, 2021
    risk 0.00cvss epss 0.00

    In JetBrains TeamCity before 2020.2.3, stored XSS was possible on several pages.

  • CVE-2021-31909May 11, 2021
    risk 0.00cvss epss 0.03

    In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was possible.

  • CVE-2021-3315May 11, 2021
    risk 0.00cvss epss 0.00

    In JetBrains TeamCity before 2020.2.2, stored XSS on a tests page was possible.

  • CVE-2021-31907May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were implemented improperly.

  • CVE-2021-31906May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.

Page 11 of 14