8 matches found
CVE-2024-41829
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection
CVE-2024-39879
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
CVE-2024-39878
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
CVE-2024-41826
In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page
CVE-2024-41825
In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab
CVE-2024-41827
In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration
CVE-2024-41824
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases
CVE-2024-41828
In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time