CPE Details
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:jetbrains:teamcity:2024.12:*:*:*:*:*:*:*
Informations
Vendor
jetbrainsProduct
teamcityVersion
2024.12Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page | 6.1 |
Moyen |
||
| In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible | 5.4 |
Moyen |
||
| In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible | 5.4 |
Moyen |
||
| In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible | 5.4 |
Moyen |
||
| In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab | 6.1 |
Moyen |
||
| In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible | 9.8 |
Critique |
||
| In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs | 6.5 |
Moyen |
||
| In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page | 7.5 |
Haute |
||
| In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page | 6.1 |
Moyen |
||
| In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log | 6.5 |
Moyen |
||
| In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources | 9.1 |
Critique |
||
| In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab | 6.1 |
Moyen |
||
| In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool | 4.3 |
Moyen |
||
| In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page | 6.1 |
Moyen |
