Teamcity Security Vulnerabilities and Issues — Teamcity CVE List

Lucene search

JetbrainsTeamcity

20 matches found

CVE•added 2025/03/27 12:15 p.m.•54 views

CVE-2025-31139

In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log

6.5CVSS4.8AI score0.00001EPSS

CVE•added 2025/01/21 6:15 p.m.•50 views

CVE-2025-24461

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint

6.5CVSS7AI score0.00001EPSS

CVE•added 2025/02/11 2:15 p.m.•50 views

CVE-2025-26492

In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources

9.1CVSS7.5AI score0.00001EPSS

CVE•added 2025/04/25 3:15 p.m.•50 views

CVE-2025-46618

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab

6.1CVSS6AI score0.00027EPSS

CVE•added 2025/01/21 6:15 p.m.•48 views

CVE-2025-24459

In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page

6.1CVSS6.2AI score0.01355EPSS

CVE•added 2025/03/27 12:15 p.m.•48 views

CVE-2025-31140

In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page

6.1CVSS6AI score0.00101EPSS

CVE•added 2025/03/27 12:15 p.m.•48 views

CVE-2025-31141

In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page

7.5CVSS6.9AI score0.00001EPSS

CVE•added 2025/02/11 2:15 p.m.•47 views

CVE-2025-26493

In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab

6.1CVSS4.7AI score0.02817EPSS

CVE•added 2025/04/25 3:15 p.m.•47 views

CVE-2025-46432

In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs

6.5CVSS7.2AI score0.00002EPSS

CVE•added 2025/04/25 3:15 p.m.•45 views

CVE-2025-46433

In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible

9.8CVSS7.2AI score0.00002EPSS

CVE•added 2025/01/21 6:15 p.m.•39 views

CVE-2025-24460

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool

4.3CVSS6.8AI score0.00001EPSS

CVE•added 2025/05/20 6:15 p.m.•26 views

CVE-2025-47854

In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page

6.1CVSS7.2AI score0.00002EPSS

CVE•added 2025/05/20 6:15 p.m.•21 views

CVE-2025-47852

In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible

5.4CVSS4.9AI score0.00013EPSS

CVE•added 2025/05/20 6:15 p.m.•20 views

CVE-2025-47851

In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible

5.4CVSS5AI score0.00013EPSS

CVE•added 2025/05/20 6:15 p.m.•19 views

CVE-2025-47853

In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible

5.4CVSS4.9AI score0.00013EPSS

CVE•added 2025/06/23 3:15 p.m.•6 views

CVE-2025-52875

In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible

5.4CVSS5.3AI score0.00072EPSS

CVE•added 2025/06/23 3:15 p.m.•6 views

CVE-2025-52877

In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible

4.8CVSS5AI score0.00016EPSS

CVE•added 2025/06/23 3:15 p.m.•6 views

CVE-2025-52879

In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible

4.8CVSS5AI score0.00016EPSS

CVE•added 2025/06/23 3:15 p.m.•4 views

CVE-2025-52876

In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible

5.4CVSS5.3AI score0.00072EPSS

CVE•added 2025/06/23 3:15 p.m.•4 views

CVE-2025-52878

In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions

4.3CVSS4.8AI score0.00002EPSS