CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36321
https://notcve.org/view.php?id=CVE-2022-36321
In JetBrains TeamCity before 2022.04.2 the private SSH key could be written to the build log in some cases En JetBrains TeamCity versiones anteriores a 2022.04.2, la clave privada SSH podía ser escrita en el registro de construcción en algunos casos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34894
https://notcve.org/view.php?id=CVE-2022-34894
In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services En JetBrains Hub versiones anteriores a 2022.2.14799, un control de acceso insuficiente permitía el secuestro de servicios no confiables • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-284: Improper Access Control •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29930
https://notcve.org/view.php?id=CVE-2022-29930
SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1. La implementación de SHA1 en JetBrains Ktor Native 2.0.0 devolvía el mismo valor. El problema se ha solucionado en la versión 2.0.1 de Ktor • https://github.com/ktorio/ktor/pull/2966 https://www.jetbrains.com/privacy-security/issues-fixed • CWE-330: Use of Insufficiently Random Values CWE-342: Predictable Exact Value from Previous Values •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29929
https://notcve.org/view.php?id=CVE-2022-29929
In JetBrains TeamCity before 2022.04 potential XSS via Referrer header was possible En JetBrains TeamCity versiones anteriores a 2022.04, era posible un potencial ataque de tipo XSS por medio del encabezado Referrer • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29928
https://notcve.org/view.php?id=CVE-2022-29928
In JetBrains TeamCity before 2022.04 leak of secrets in TeamCity agent logs was possible En JetBrains TeamCity versiones anteriores a 2022.04, era posible una filtración de secretos en los registros del agente de TeamCity • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •