VYPR

Teamcity

by Jetbrains

Source repositories

CVEs (267)

  • CVE-2021-31904May 11, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.

  • CVE-2020-35667Feb 3, 2021
    risk 0.00cvss epss 0.01

    JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose user credentials.

  • CVE-2021-25777Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly.

  • CVE-2021-25778Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.

  • CVE-2021-25775Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for any other users.

  • CVE-2021-25774Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.1, a user could get access to the GitHub access token of another user.

  • CVE-2021-25776Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters.

  • CVE-2021-25772Feb 3, 2021
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.

  • CVE-2021-25773Feb 3, 2021
    risk 0.00cvss epss 0.01

    JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages.

  • CVE-2020-27627Nov 16, 2020
    risk 0.00cvss epss 0.01

    JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.

  • CVE-2020-27628Nov 16, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.

  • CVE-2020-27629Nov 16, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.

  • CVE-2020-15830Aug 8, 2020
    risk 0.00cvss epss 0.01

    JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.

  • CVE-2020-15831Aug 8, 2020
    risk 0.00cvss epss 0.01

    JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.

  • CVE-2020-15828Aug 8, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.

  • CVE-2020-15829Aug 8, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.

  • CVE-2020-15825Aug 8, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.

  • CVE-2020-15826Aug 8, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.

  • CVE-2020-11938Apr 22, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2.

  • CVE-2020-11689Apr 22, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file.