CPE Details
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:jetbrains:teamcity:2025.03.2:*:*:*:*:*:*:*
Informations
Vendor
jetbrainsProduct
teamcityVersion
2025.03.2Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows | 7.7 |
High |
||
| In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload | 5.5 |
Medium |
||
| In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition | 4.2 |
Medium |
||
| In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files | 6.5 |
Medium |
||
| In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content | 5.5 |
Medium |
||
| In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership | 7.5 |
High |
||
| In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible | 4.8 |
Medium |
||
| In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions | 4.3 |
Medium |
||
| In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible | 4.8 |
Medium |
||
| In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible | 5.4 |
Medium |
||
| In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible | 5.4 |
Medium |
