Known Vulnerabilities for Teamcity by Jetbrains

Listed below are 10 of the newest known vulnerabilities associated with "Teamcity" by "Jetbrains".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-24339 JetBrains TeamCity before 2021.2.1 was vulnerable to stored XSS. 5.4 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24338 JetBrains TeamCity before 2021.2.1 was vulnerable to reflected XSS. 6.1 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24337 In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions. 6.5 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24336 In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the Te... 5.3 - MEDIUM 2022-02-25 2023-08-08
CVE-2022-24335 JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race-condition attack in agent regist... 8.1 - HIGH 2022-02-25 2022-03-04
CVE-2022-24334 In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server. 5.3 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24333 In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible. 6.5 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24332 In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. 5.3 - MEDIUM 2022-02-25 2022-03-04
CVE-2022-24331 In JetBrains TeamCity before 2021.1.4, GitLab authentication impersonation was possible. 9.8 - CRITICAL 2022-02-25 2023-08-08
CVE-2022-24330 In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible. 6.1 - MEDIUM 2022-02-25 2022-03-04
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationJetbrainsTeamcity9.1AllAllAll
ApplicationJetbrainsTeamcity9.0AllAllAll
ApplicationJetbrainsTeamcity8.1AllAllAll
ApplicationJetbrainsTeamcity8.0AllAllAll
ApplicationJetbrainsTeamcity7.1AllAllAll
ApplicationJetbrainsTeamcity7.0AllAllAll
ApplicationJetbrainsTeamcity6.5AllAllAll
ApplicationJetbrainsTeamcity6.0AllAllAll
ApplicationJetbrainsTeamcity5.1AllAllAll
ApplicationJetbrainsTeamcity5.0AllAllAll
ApplicationJetbrainsTeamcity4.5AllAllAll
ApplicationJetbrainsTeamcity4.0.2AllAllAll
ApplicationJetbrainsTeamcity4.0.1AllAllAll
ApplicationJetbrainsTeamcity4.0AllAllAll
ApplicationJetbrainsTeamcity3.1AllAllAll
ApplicationJetbrainsTeamcity3.0AllAllAll
ApplicationJetbrainsTeamcity2020.2.85695AllAllAll
ApplicationJetbrainsTeamcity2020.2.2AllAllAll
ApplicationJetbrainsTeamcity2020.2.1AllAllAll
ApplicationJetbrainsTeamcity2020.2AllAllAll
Results limited to 20 most recent known configurations
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report