CVE-2025-31141
- EPSS 0%
- Published 27.03.2025 11:24:31
- Last modified 16.05.2025 14:51:04
In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
CVE-2025-31139
- EPSS 0%
- Published 27.03.2025 11:24:30
- Last modified 16.05.2025 14:51:10
In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
CVE-2025-26492
- EPSS 0%
- Published 11.02.2025 14:15:31
- Last modified 16.05.2025 14:51:14
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
CVE-2025-26493
- EPSS 9.96%
- Published 11.02.2025 14:15:31
- Last modified 16.05.2025 14:51:13
In JetBrains TeamCity before 2024.12.2 several DOM-based XSS were possible on the Code Inspection Report tab
CVE-2025-24460
- EPSS 0%
- Published 21.01.2025 18:15:19
- Last modified 30.01.2025 21:25:18
In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in the agent pool
CVE-2025-24461
- EPSS 0%
- Published 21.01.2025 18:15:19
- Last modified 30.01.2025 21:26:17
In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint
CVE-2025-24459
- EPSS 4.75%
- Published 21.01.2025 18:15:18
- Last modified 30.01.2025 21:22:22
In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page
CVE-2024-56353
- EPSS 0%
- Published 20.12.2024 15:15:09
- Last modified 02.01.2025 18:48:35
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
CVE-2024-56354
- EPSS 0%
- Published 20.12.2024 15:15:09
- Last modified 02.01.2025 18:47:14
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
CVE-2024-56355
- EPSS 36.62%
- Published 20.12.2024 15:15:09
- Last modified 02.01.2025 18:46:31
In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS