10.0.1

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-28	CVE-2024-31140	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools network low complexity jetbrains	4.9
2024-03-21	CVE-2024-29880	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process local low complexity jetbrains	7.8
2024-03-06	CVE-2024-28174	Incorrect Authorization vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly network low complexity jetbrains CWE-863	5.8
2024-03-04	CVE-2024-27198	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible network low complexity jetbrains critical	9.8
2024-03-04	CVE-2024-27199	Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible network low complexity jetbrains CWE-22	7.3
2024-02-06	CVE-2024-23917	Missing Authentication for Critical Function vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible network low complexity jetbrains CWE-306 critical	9.8
2024-02-06	CVE-2024-24936	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed network low complexity jetbrains	5.3
2024-02-06	CVE-2024-24937	Cross-site Scripting vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 stored XSS via agent distribution was possible network low complexity jetbrains CWE-79	5.4
2024-02-06	CVE-2024-24938	Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation network low complexity jetbrains CWE-22	5.3
2024-02-06	CVE-2024-24942	Path Traversal vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives network low complexity jetbrains CWE-22	5.3