JetBrains TeamCity
Approved changes feed: RSS · Atom
cpe:2.3:a:jetbrains:teamcity:-:*:*:*:*:*:*:*
part: a version: - update: *
| Vendor | Jetbrains (b1b7db7a-bd16-5477-8e89-fb64c5636fcd) |
|---|---|
| Product | Teamcity (7b9540cf-6355-5a98-8cf5-3933af175178) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-36470 |
vulnerable | 2026-06-03 14:56:04.601705 |
Details available
HIGH (8.1)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 authentication bypass was possible in specific edge cases
Published: 2024-05-29T13:29:07.173Z
Updated: 2024-08-02T03:37:05.191Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36376 |
vulnerable | 2026-06-03 14:56:04.263277 |
Details available
MEDIUM (6.5)
In JetBrains TeamCity before 2024.03.2 users could perform actions that should not be available to them based on their permissions
Published: 2024-05-29T13:29:05.793Z
Updated: 2024-08-02T03:37:05.188Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36370 |
vulnerable | 2026-06-03 14:56:04.261342 |
Details available
MEDIUM (4.6)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible
Published: 2024-05-29T13:29:02.650Z
Updated: 2024-08-02T03:37:05.135Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36365 |
vulnerable | 2026-06-03 14:56:04.259330 |
Details available
MEDIUM (6.8)
In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5, 2024.03.2 a third-party agent could impersonate a cloud agent
Published: 2024-05-29T13:28:59.445Z
Updated: 2024-08-02T03:37:05.199Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-29880 |
vulnerable | 2026-06-03 14:55:27.588443 |
Details available
MEDIUM (4.2)
In JetBrains TeamCity before 2023.11 users with access to the agent machine might obtain permissions of the user running the agent process
Published: 2024-03-21T13:56:45.387Z
Updated: 2024-08-02T01:17:58.391Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-28174 |
vulnerable | 2026-06-03 14:55:25.262118 |
Details available
MEDIUM (5.8)
In JetBrains TeamCity before 2023.11.4 presigned URL generation requests in S3 Artifact Storage plugin were authorized improperly
Published: 2024-03-06T16:52:10.853Z
Updated: 2024-08-02T00:48:49.417Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24942 |
vulnerable | 2026-06-03 14:55:06.154851 |
Details available
MEDIUM (5.3)
In JetBrains TeamCity before 2023.11.3 path traversal allowed reading data within JAR archives
Published: 2024-02-06T09:21:31.426Z
Updated: 2024-08-01T23:36:21.219Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24938 |
vulnerable | 2026-06-03 14:55:06.151181 |
Details available
MEDIUM (5.3)
In JetBrains TeamCity before 2023.11.2 limited directory traversal was possible in the Kotlin DSL documentation
Published: 2024-02-06T09:21:29.110Z
Updated: 2025-08-27T15:39:55.233Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23917 |
vulnerable | 2026-06-03 14:55:04.910840 |
Details available
CRITICAL (9.8)
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Published: 2024-02-06T09:21:31.957Z
Updated: 2024-08-01T23:13:08.604Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.