Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jetbrains hub vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-37540
In JetBrains Hub prior to 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.
Jetbrains Hub
6.1
CVSSv3
CVE-2021-37541
In JetBrains Hub prior to 2021.1.13402, HTML injection in the password reset email was possible.
Jetbrains Hub
7.2
CVSSv3
CVE-2019-12847
In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. It is only relevant in cases where a password has not changed since 2017, and if the audit log still contains events from before that period.
Jetbrains Hub
7.5
CVSSv3
CVE-2022-45471
In JetBrains Hub prior to 2022.3.15181 Throttling was missed when sending emails to a particular email address
Jetbrains Hub
5.3
CVSSv3
CVE-2019-14955
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented.
Jetbrains Hub
7.5
CVSSv3
CVE-2020-11691
In JetBrains Hub prior to 2020.1.12099, content spoofing in the Hub OAuth error message was possible.
Jetbrains Hub
5.3
CVSSv3
CVE-2022-34894
In JetBrains Hub prior to 2022.2.14799, insufficient access control allowed the hijacking of untrusted services
Jetbrains Hub
1 Github repository
7.5
CVSSv3
CVE-2021-43180
In JetBrains Hub prior to 2021.1.13690, information disclosure via avatar metadata is possible.
Jetbrains Hub
6.1
CVSSv3
CVE-2021-43181
In JetBrains Hub prior to 2021.1.13690, stored XSS is possible.
Jetbrains Hub
9.8
CVSSv3
CVE-2021-43183
In JetBrains Hub prior to 2021.1.13690, the authentication throttling mechanism could be bypassed.
Jetbrains Hub
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »