vulnerability
JetBrains TeamCity: CVE-2024-35301: Commit status publisher didn't check project scope of the GitHub App token (TW-86523)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:M/C:P/I:P/A:N) | May 16, 2024 | Oct 15, 2024 | Mar 25, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:M/C:P/I:P/A:N)
Published
May 16, 2024
Added
Oct 15, 2024
Modified
Mar 25, 2026
Description
In JetBrains TeamCity before 2024.03.1 commit status publisher didn't check project scope of the GitHub App token
Solution
jetbrains-teamcity-upgrade-latest
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.