CNNVD-202507-3535 Information

CNNVD ID

CNNVD-202507-3535

Related CVE

CVE-2025-54529

• CNNVD Published: 2025-07-28

Description (Chinese)

JetBrains TeamCity是捷克JetBrains公司的一套分布式构建管理和持续集成工具。该工具提供持续单元测试、代码质量分析和构建问题分析报告等功能。 JetBrains TeamCity 2025.07之前版本存在跨站请求伪造漏洞，该漏洞源于外部OAuth登录集成存在CSRF。

Description (English)

Jetbrains TeamCity is a distributed set of building management and continuous integration tools for Czech Jetbrains. The tool provides continuous modular testing, code quality analysis and construction analysis. The pre-Jetbrains TeamCity 2025.07 version had a false gap in cross-site requests, which originated from the external OAuth login integration of CSRF.

Hazard Level

Critical

Vulnerability Type

跨站请求伪造

Affected Vendor

JetBrains

Published

2025-07-28

Last Modified

2026-02-24

References

https://www.jetbrains.com/privacy-security/issues-fixed/ https://access.redhat.com/security/cve/cve-2025-54529

Patch

https://www.jetbrains.com/privacy-security/issues-fixed/