JetBrains TeamCity 2024.12.3

CPE Details

JetBrains TeamCity 2024.12.3
jetbrains
teamcity
2024.12.3
2025-06-02
12h24 +00:00
2025-06-02
12h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:jetbrains:teamcity:2024.12.3:*:*:*:*:*:*:*

Informations

Vendor

jetbrains

Product

teamcity

Version

2024.12.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-59457 2025-09-17 09h04 +00:00 In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
7.7
High
CVE-2025-59456 2025-09-17 09h04 +00:00 In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload
5.5
Medium
CVE-2025-59455 2025-09-17 09h04 +00:00 In JetBrains TeamCity before 2025.07.2 project isolation bypass was possible due to race condition
4.2
Medium
CVE-2025-57734 2025-08-20 09h14 +00:00 In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
6.5
Medium
CVE-2025-57733 2025-08-20 09h14 +00:00 In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
5.5
Medium
CVE-2025-57732 2025-08-20 09h14 +00:00 In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
7.5
High
CVE-2025-52879 2025-06-23 14h13 +00:00 In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
4.8
Medium
CVE-2025-52878 2025-06-23 14h13 +00:00 In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
4.3
Medium
CVE-2025-52877 2025-06-23 14h13 +00:00 In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
4.8
Medium
CVE-2025-52876 2025-06-23 14h13 +00:00 In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible
5.4
Medium
CVE-2025-52875 2025-06-23 14h13 +00:00 In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
5.4
Medium
CVE-2025-47854 2025-05-20 17h37 +00:00 In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
6.1
Medium
CVE-2025-47853 2025-05-20 17h37 +00:00 In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
5.4
Medium
CVE-2025-47852 2025-05-20 17h37 +00:00 In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
5.4
Medium
CVE-2025-47851 2025-05-20 17h37 +00:00 In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
5.4
Medium
CVE-2025-46618 2025-04-25 14h32 +00:00 In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab
6.1
Medium
CVE-2025-46433 2025-04-25 14h32 +00:00 In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible
9.8
Critical
CVE-2025-46432 2025-04-25 14h32 +00:00 In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs
6.5
Medium
CVE-2025-31141 2025-03-27 11h24 +00:00 In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
7.5
High
CVE-2025-31140 2025-03-27 11h24 +00:00 In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
6.1
Medium
CVE-2025-31139 2025-03-27 11h24 +00:00 In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.