JetBrains ≫ Teamcity

In JetBrains TeamCity before 2024.07 access tokens could continue working after deletion or expiration

In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time

In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space Application connection

In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build log in some specific cases

In JetBrains TeamCity before 2024.07 stored XSS was possible on the Code Inspection tab

In JetBrains TeamCity before 2024.07 stored XSS was possible on Show Connection page

In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection

In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings

In JetBrains TeamCity before 2024.03.2 technical information regarding TeamCity server could be exposed

In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions