CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25776
https://notcve.org/view.php?id=CVE-2021-25776
In JetBrains TeamCity before 2020.2, an ECR token could be exposed in a build's parameters. En JetBrains TeamCity versiones anteriores a 2020.2, un token ECR podría estar expuesto en unos parámetros de compilación • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25772
https://notcve.org/view.php?id=CVE-2021-25772
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration. En JetBrains TeamCity versiones anteriores a 2020.2.2, una DoS del servidor de TeamCity fue posible por medio de una integración del servidor • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25773
https://notcve.org/view.php?id=CVE-2021-25773
JetBrains TeamCity before 2020.2 was vulnerable to reflected XSS on several pages. JetBrains TeamCity versiones anteriores a 2020.2, era vulnerable a un ataque de tipo XSS reflejado en varias páginas • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25771
https://notcve.org/view.php?id=CVE-2021-25771
In JetBrains YouTrack before 2020.6.1099, project information could be potentially disclosed. En JetBrains YouTrack versiones anteriores a 2020.6.1099, una información del proyecto podría ser divulgada potencialmente • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-25770
https://notcve.org/view.php?id=CVE-2021-25770
In JetBrains YouTrack before 2020.5.3123, server-side template injection (SSTI) was possible, which could lead to code execution. En JetBrains YouTrack versiones anteriores a 2020.5.3123, era posible una server-side template injection (SSTI), lo que podría conllevar a una ejecución de código • https://blog.jetbrains.com https://blog.jetbrains.com/blog/2021/02/03/jetbrains-security-bulletin-q4-2020 • CWE-94: Improper Control of Generation of Code ('Code Injection') •