Vulnerabilities > Jetbrains > Teamcity

DATE CVE VULNERABILITY TITLE RISK
2024-07-22 CVE-2024-41824 Information Exposure Through Log Files vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
network
low complexity
jetbrains CWE-532
6.5
2024-07-22 CVE-2024-41825 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
network
low complexity
jetbrains CWE-79
5.4
2024-07-22 CVE-2024-41826 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
network
low complexity
jetbrains CWE-79
4.8
2024-07-22 CVE-2024-41827 Insufficient Session Expiration vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
network
low complexity
jetbrains CWE-613
critical
9.8
2024-07-22 CVE-2024-41828 Unspecified vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time
network
low complexity
jetbrains
6.5
2024-07-22 CVE-2024-41829 Improper Authentication vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
network
low complexity
jetbrains CWE-287
7.5
2024-07-01 CVE-2024-39878 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
network
low complexity
jetbrains CWE-522
5.3
2024-07-01 CVE-2024-39879 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
network
low complexity
jetbrains CWE-522
5.3
2024-05-29 CVE-2024-36362 Path Traversal vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 path traversal allowing to read files from server was possible
network
low complexity
jetbrains CWE-22
6.5
2024-05-29 CVE-2024-36363 Cross-site Scripting vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 several Stored XSS in code inspection reports were possible
network
low complexity
jetbrains CWE-79
5.4