CVE-2021-43195
- EPSS 0.01%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1.2, some HTTP security headers were missing.
CVE-2021-43196
- EPSS 0%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection dialog is possible.
CVE-2021-43197
- EPSS 0.01%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1.2, email notifications could include unescaped HTML for XSS.
CVE-2021-43198
- EPSS 0.02%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1.2, stored XSS is possible.
CVE-2021-43199
- EPSS 0%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1.2, permission checks in the Create Patch functionality are insufficient.
CVE-2021-43200
- EPSS 0.01%
- Published 09.11.2021 15:15:09
- Last modified 21.11.2024 06:28:49
In JetBrains TeamCity before 2021.1.2, permission checks in the Agent Push functionality were insufficient.
CVE-2021-37542
- EPSS 0.01%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:20
In JetBrains TeamCity before 2020.2.3, XSS was possible.
CVE-2021-37544
- EPSS 0.02%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:22
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.
CVE-2021-37545
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:22
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
CVE-2021-37546
- EPSS 0%
- Published 06.08.2021 14:15:08
- Last modified 21.11.2024 06:15:22
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.