Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Teamcity
(Jetbrains)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 232 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-07-28 | CVE-2025-54532 | In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via snapshot dependencies | Teamcity | N/A | ||
| 2025-07-28 | CVE-2025-54533 | In JetBrains TeamCity before 2025.07 improper access control allowed disclosure of build settings via VCS configuration | Teamcity | N/A | ||
| 2025-07-28 | CVE-2025-54534 | In JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset page | Teamcity | N/A | ||
| 2025-07-28 | CVE-2025-54535 | In JetBrains TeamCity before 2025.07 password reset and email verification tokens were using weak hashing algorithms | Teamcity | 7.5 | ||
| 2025-07-28 | CVE-2025-54537 | In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots | Teamcity | N/A | ||
| 2025-07-28 | CVE-2025-54538 | In JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" command | Teamcity | N/A | ||
| 2025-06-23 | CVE-2025-52875 | In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible | Teamcity | N/A | ||
| 2025-06-23 | CVE-2025-52876 | In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible | Teamcity | N/A | ||
| 2025-06-23 | CVE-2025-52877 | In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible | Teamcity | N/A | ||
| 2025-06-23 | CVE-2025-52878 | In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions | Teamcity | N/A |