CVE-2024-56356
- EPSS 0%
- Published 20.12.2024 15:15:09
- Last modified 02.01.2025 18:46:14
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack
CVE-2024-56349
- EPSS 0.01%
- Published 20.12.2024 15:15:08
- Last modified 02.01.2025 18:51:21
In JetBrains TeamCity before 2024.12 improper access control allowed unauthorized users to modify build logs
CVE-2024-56350
- EPSS 0%
- Published 20.12.2024 15:15:08
- Last modified 02.01.2025 18:50:57
In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects
CVE-2024-56351
- EPSS 0.14%
- Published 20.12.2024 15:15:08
- Last modified 02.01.2025 18:49:32
In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles
CVE-2024-56352
- EPSS 36.62%
- Published 20.12.2024 15:15:08
- Last modified 02.01.2025 18:49:03
In JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details page
CVE-2024-56348
- EPSS 0%
- Published 20.12.2024 15:15:05
- Last modified 02.01.2025 18:51:41
In JetBrains TeamCity before 2024.12 improper access control allowed viewing details of unauthorized agents
CVE-2024-47951
- EPSS 0.14%
- Published 08.10.2024 16:15:13
- Last modified 11.10.2024 19:57:58
In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings
CVE-2024-47161
- EPSS 0%
- Published 08.10.2024 16:15:12
- Last modified 11.10.2024 19:54:07
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
CVE-2024-47948
- EPSS 0.01%
- Published 08.10.2024 16:15:12
- Last modified 11.10.2024 19:56:44
In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups
CVE-2024-47949
- EPSS 0.02%
- Published 08.10.2024 16:15:12
- Last modified 11.10.2024 19:57:06
In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location