In JetBrains TeamCity before 2023.11.2 access control at the S3 Artifact Storage plugin endpoint was missed
Max CVSS
5.3
EPSS Score
0.05%
Published
2024-02-06
Updated
2024-02-09
In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented.
Max CVSS
8.8
EPSS Score
0.17%
Published
2022-12-08
Updated
2022-12-12
In JetBrains TeamCity version between 2021.2 and 2022.10 access permissions for secure token health items were excessive
Max CVSS
5.3
EPSS Score
0.06%
Published
2022-11-03
Updated
2022-11-04
In JetBrains Ktor before 2.1.0 the wrong authentication provider could be selected in some cases
Max CVSS
6.5
EPSS Score
0.16%
Published
2022-08-12
Updated
2022-08-16
In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services
Max CVSS
5.3
EPSS Score
0.07%
Published
2022-07-01
Updated
2022-07-11
In JetBrains Hub before 2022.1.14434, SAML request takeover was possible.
Max CVSS
9.8
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-08
In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible.
Max CVSS
9.8
EPSS Score
0.22%
Published
2022-02-25
Updated
2022-03-04
In JetBrains Ktor before 1.6.4, nonce verification during the OAuth2 authentication process is implemented improperly.
Max CVSS
7.5
EPSS Score
0.07%
Published
2021-11-09
Updated
2021-11-10
In JetBrains TeamCity before 2021.1.1, insufficient authentication checks for agent requests were made.
Max CVSS
7.5
EPSS Score
0.07%
Published
2021-08-06
Updated
2021-08-12
In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
Max CVSS
9.8
EPSS Score
0.31%
Published
2020-04-22
Updated
2020-04-29
The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3.
Max CVSS
5.3
EPSS Score
0.08%
Published
2019-07-03
Updated
2020-08-24
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!