CVE-2025-67740

JetBrains TeamCity CVE-2025-67740 affects TeamCity before 2025.11.0, where improper access control could expose GitHub App token metadata. The connected Nessus entry notes multiple vulnerabilities in versions prior to 2025.11.0 (e.g., CVEs 67741, 67765, 68166, etc.). Remediation: upgrade to TeamC...

EUVD-2024-35272

Malicious code in bioql PyPI...

CVE-2024-35301

In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App token...

CVE-2024-35301

CVE-2024-35301 affects JetBrains TeamCity versions prior to 2024.03.1. The root cause is the commit status publisher not checking the project scope of the GitHub App token, which can lead to improper permission handling. PT-Security notes the issue can enable a remote attacker to execute arbitrar...

PT-2024-3699 · Jetbrains · Jetbrains Teamcity +1

Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.03.1 Description: The issue is related to the commit status publisher in JetBrains TeamCity not checking the project scope of the GitHub App token, which can lead to incorrect handling of insufficient...