RSS   Podatności dla 'Teamcity'   RSS

2021-08-06
 
CVE-2021-37542

CWE-79
 

 
In JetBrains TeamCity before 2020.2.3, XSS was possible.

 
 
CVE-2021-37544

CWE-502
 

 
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.

 
 
CVE-2021-37545

CWE-287
 

 
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.

 
 
CVE-2021-37546

CWE-326
 

 
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.

 
 
CVE-2021-37547

NVD-CWE-noinfo
 

 
In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.

 
 
CVE-2021-37548

CWE-312
 

 
In JetBrains TeamCity before 2021.1, passwords in cleartext sometimes could be stored in VCS.

 
2021-05-11
 
CVE-2021-26309

CWE-668
 

 
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible because a local temporary file had Insecure Permissions.

 
 
CVE-2021-26310

NVD-CWE-noinfo
 

 
In the TeamCity IntelliJ plugin before 2020.2.2.85899, DoS was possible.

 
 
CVE-2021-31904

CWE-79
 

 
In JetBrains TeamCity before 2020.2.2, XSS was potentially possible on the test history page.

 
 
CVE-2021-31906

NVD-CWE-noinfo
 

 
In JetBrains TeamCity before 2020.2.2, audit logs were not sufficient when an administrator uploaded a file.

 


Copyright 2021, cxsecurity.com

 

Back to Top