VYPR

Teamcity

by Jetbrains

Source repositories

CVEs (267)

  • CVE-2020-11688Apr 22, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.2.1, the application state is kept alive after a user ends his session.

  • CVE-2020-11687Apr 22, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages.

  • CVE-2020-11686Apr 22, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings.

  • CVE-2020-7911Jan 30, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS.

  • CVE-2020-7910Jan 30, 2020
    risk 0.00cvss epss 0.01

    JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role.

  • CVE-2020-7909Jan 30, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI.

  • CVE-2020-7908Jan 30, 2020
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.

  • CVE-2019-18367Oct 31, 2019
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user without the corresponding permissions.

  • CVE-2019-18366Oct 31, 2019
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View build runtime parameters and data" permission.

  • CVE-2019-18365Oct 31, 2019
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible on several pages.

  • CVE-2019-18364Oct 31, 2019
    risk 0.00cvss epss 0.03

    In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow remote code execution.

  • CVE-2019-18363Oct 31, 2019
    risk 0.00cvss epss 0.01

    In JetBrains TeamCity before 2019.1.2, access could be gained to the history of builds of a deleted build configuration under some circumstances.

  • CVE-2019-12156Oct 2, 2019
    risk 0.00cvss epss 0.01

    Server metadata could be exposed because one of the error messages reflected the whole response back to the client in JetBrains TeamCity versions before 2018.2.5 and UpSource versions before 2018.2 build 1293.

  • CVE-2019-15036Oct 2, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could execute any command on the server machine. The issue was fixed in TeamCity 2018.2.5 and 2019.1.

  • CVE-2019-15037Oct 2, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in JetBrains TeamCity 2018.2.4. It had several XSS vulnerabilities on the settings pages. The issues were fixed in TeamCity 2019.1.

  • CVE-2019-15035Oct 1, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Project administrator could get access to potentially confidential server-level data. The issue was fixed in TeamCity 2018.2.5 and 2019.1.

  • CVE-2019-15042Oct 1, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1.

  • CVE-2019-15038Oct 1, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity server was not using some security-related HTTP headers. The issue was fixed in TeamCity 2019.1.

  • CVE-2019-15848Sep 5, 2019
    risk 0.00cvss epss 0.01

    JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user.

  • CVE-2019-12846Jul 3, 2019
    risk 0.00cvss epss 0.01

    A user without the required permissions could gain access to some JetBrains TeamCity settings. The issue was fixed in TeamCity 2018.2.2.

Page 13 of 14