Exposición de TeamCity
CI43
score de exposición
1
sitios usan
3
en explotación
4
críticos
CVEs
176 resultadosCVE-2025-31139MEDIUMIn JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build logEPSS 0.9%CVE-2025-46432MEDIUMIn JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logsEPSS 0.8%CVE-2024-56352MEDIUMIn JetBrains TeamCity before 2024.12 stored XSS was possible via image name on the agent details pageEPSS 0.8%CVE-2024-56355MEDIUMIn JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSSEPSS 0.8%CVE-2025-59457HIGHIn JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on WindowsEPSS 0.8%CVE-2024-24938MEDIUMIn JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentationEPSS 0.7%CVE-2025-57734MEDIUMIn JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script filesEPSS 0.7%CVE-2025-52875MEDIUMIn JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possibleEPSS 0.7%CVE-2025-54534MEDIUMIn JetBrains TeamCity before 2025.07 reflected XSS was possible on the agentpushPreset pageEPSS 0.7%CVE-2025-67742LOWIn JetBrains TeamCity before 2025.11 path traversal was possible via file uploadEPSS 0.7%CVE-2026-49377MEDIUMIn JetBrains TeamCity before 2025.11.2 exposure of sensitive data via default agent parametersEPSS 0.7%CVE-2023-34218CRITICALIn JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin actions was possibleEPSS 0.6%CVE-2022-36322MEDIUMIn JetBrains TeamCity before 2022.04.2 build parameter injection was possibleEPSS 0.6%CVE-2025-47852MEDIUMIn JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possibleEPSS 0.6%CVE-2025-47853MEDIUMIn JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possibleEPSS 0.6%CVE-2024-31136HIGHIn JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameterEPSS 0.5%CVE-2022-44624MEDIUMIn JetBrains TeamCity version before 2022.10, Password parameters could be exposed in the build log if they contained special charactersEPSS 0.5%CVE-2022-44623MEDIUMIn JetBrains TeamCity version before 2022.10, Project Viewer could see scrambled secure values in the MetaRunner settingsEPSS 0.5%CVE-2024-28173MEDIUMIn JetBrains TeamCity between 2023.11 and 2023.11.4 custom build parameters of the "password" type could be disclosedEPSS 0.5%CVE-2024-47948MEDIUMIn JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backupsEPSS 0.5%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →