CVE-2025-59457
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-17
Last updated on: 2025-09-22
Assigner: JetBrains s.r.o.
Description
Description
In JetBrains TeamCity before 2025.07.2 missing Git URL validation allowed credential leakage on Windows
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jetbrains | teamcity | to 2025.07.2 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-183 | The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are explicitly allowed by policy because the inputs are assumed to be safe, but the list is too permissive - that is, it allows an input that is unsafe, leading to resultant weaknesses. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in JetBrains TeamCity versions before 2025.07.2 involves missing validation of Git URLs on Windows systems, which allows attackers to leak credentials.
How can this vulnerability impact me? :
The vulnerability can lead to credential leakage, potentially allowing unauthorized access to sensitive information or systems that rely on those credentials.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70