Hub Security Vulnerabilities and Issues — Hub CVE List

Lucene search

JetbrainsHub

7 matches found

CVE•added 2022/02/25 3:15 p.m.•663 views

CVE-2022-24327

In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions.

7.5CVSS7.5AI score0.00002EPSS

CVE•added 2019/07/03 7:15 p.m.•79 views

CVE-2019-12847

In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. It is only relevant in cases where a password has not changed since 2017, and if the audit log still contains events from before that period.

7.2CVSS7AI score0.00003EPSS

CVE•added 2020/04/22 2:15 p.m.•39 views

CVE-2020-11691

In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible.

7.5CVSS7.5AI score0.00003EPSS

CVE•added 2022/11/18 3:15 p.m.•38 views

CVE-2022-45471

In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address

7.5CVSS7.4AI score0.00001EPSS

CVE•added 2021/11/09 4:15 p.m.•36 views

CVE-2021-43182

In JetBrains Hub before 2021.1.13415, a DoS via user information is possible.

7.5CVSS7.4AI score0.00005EPSS

CVE•added 2021/11/09 4:15 p.m.•35 views

CVE-2021-43180

In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible.

7.5CVSS7.2AI score0.00003EPSS

CVE•added 2021/05/11 12:15 p.m.•32 views

CVE-2021-31901

In JetBrains Hub before 2021.1.13079, two-factor authentication wasn't enabled properly for the All Users group.

7.5CVSS7.7AI score0.00003EPSS