Hub Security Vulnerabilities and Issues — Hub CVE List

Lucene search

JetbrainsHub

3 matches found

cve•added 2019/07/03 7:15 p.m.•79 views

CVE-2019-12847

In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. It is only relevant in cases where a password has not changed since 2017, and if the audit log still contains events from before that period.

7.2CVSS7AI score0.00003EPSS

cve•added 2019/10/01 4:15 p.m.•67 views

CVE-2019-14955

In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented.

5.3CVSS5.3AI score0.00003EPSS

cve•added 2019/10/31 3:15 p.m.•39 views

CVE-2019-18360

In JetBrains Hub versions earlier than 2019.1.11738, username enumeration was possible through password recovery.

5.3CVSS5.4AI score0.00003EPSS