Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
5 résultats taggé JetBrains  ✕
TeamCity Major Bug-Fix Release for All Versions: Update Your Server Now | The TeamCity Blog https://blog.jetbrains.com/teamcity/2024/05/teamcity-major-bug-fix-release-for-all-versions/
29/05/2024 16:29:21
QRCode
archive.org
thumbnail

Our customers’ safety is our utmost priority. In order to protect our customers from any potential security threats, we’ve rolled out major bug-fix releases for several older versions of TeamCity (versions 2022.04 through 2023.11).

JetBrains EN 2024 vulnerability TeamCity Bug-Fix
JetBrains vulnerability exploitation highlights debate over 'silent patching' https://therecord.media/jetbrains-rapid7-silent-patching-dispute
13/03/2024 09:22:58
QRCode
archive.org
thumbnail

Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities.

therecord.media EN 2024 JetBrains vulnerability exploitation silent-patching
Rapid7 flames JetBrains over vulnerability disclosure https://www.theregister.com/2024/03/05/rapid7_jetbrains_vuln_disclosure_dispute/
06/03/2024 06:35:24
QRCode
archive.org
thumbnail

Security shop Rapid7 is criticizing JetBrains for flouting its policy against silent patching regarding fixes for two fresh vulnerabilities in the TeamCity CI/CD server.

Rapid7 says it reported the two TeamCity vulnerabilities in mid-February, claiming JetBrains soon after suggested releasing patches for the flaws before publicly disclosing them.

Such a move is typically seen as a no-no by the infosec community, which favors transparency, but there's apparently a time and a place for these things.

theregister EN 2024 Rapid7 flames JetBrains
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED) https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
04/03/2024 21:00:17
QRCode
archive.org
thumbnail

In February 2024, Rapid7’s vulnerability research team identified two new vulnerabilities affecting JetBrains TeamCity CI/CD server:

  • CVE-2024-27198 is an authentication bypass vulnerability in the web component of TeamCity that arises from an alternative path issue (CWE-288) and has a CVSS base score of 9.8 (Critical).
  • CVE-2024-27199 is an authentication bypass vulnerability in the web component of TeamCity that arises from a path traversal issue (CWE-22) and has a CVSS base score of 7.3 (High).
rapid7 EN 2024 research JetBrains TeamCity CVE-2024-27198 CVE-2024-27199
CVE-2023-42793 https://attackerkb.com/topics/1XEEEkGHzt/cve-2023-42793/rapid7-analysis
27/09/2023 19:28:40
QRCode
archive.org
thumbnail

CVE-2023-42793 is a critical authentication bypass published on September 19, 2023 that affects on-premises instances of JetBrains TeamCity, a CI/CD server. Th…

attackerkb EN 2023 JetBrains TeamCity CI/CD CVE-2023-42793 Authentication-Bypass exploitation
4835 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn