Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains hub vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-25760
In JetBrains Hub prior to 2020.1.12669, information disclosure via the public API was possible.
Jetbrains Hub
NA
CVE-2022-45471
In JetBrains Hub prior to 2022.3.15181 Throttling was missed when sending emails to a particular email address
Jetbrains Hub
6.4
CVSSv2
CVE-2021-37540
In JetBrains Hub prior to 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.
Jetbrains Hub
5
CVSSv2
CVE-2019-14955
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented.
Jetbrains Hub
7.5
CVSSv2
CVE-2021-36209
In JetBrains Hub prior to 2021.1.13389, account takeover was possible during password reset.
Jetbrains Hub
5
CVSSv2
CVE-2022-24327
In JetBrains Hub prior to 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions.
Jetbrains Hub
7.5
CVSSv2
CVE-2022-25262
In JetBrains Hub prior to 2022.1.14434, SAML request takeover was possible.
Jetbrains Hub
1 Github repository
4.3
CVSSv2
CVE-2021-37541
In JetBrains Hub prior to 2021.1.13402, HTML injection in the password reset email was possible.
Jetbrains Hub
5
CVSSv2
CVE-2021-43180
In JetBrains Hub prior to 2021.1.13690, information disclosure via avatar metadata is possible.
Jetbrains Hub
4.3
CVSSv2
CVE-2021-43181
In JetBrains Hub prior to 2021.1.13690, stored XSS is possible.
Jetbrains Hub
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »