Vulnerabilities > Jetbrains > HUB > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-18 | CVE-2022-45471 | Allocation of Resources Without Limits or Throttling vulnerability in Jetbrains HUB In JetBrains Hub before 2022.3.15181 Throttling was missed when sending emails to a particular email address | 7.5 |
| 2022-02-25 | CVE-2022-24327 | Incorrect Permission Assignment for Critical Resource vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions. | 7.5 |
| 2021-11-09 | CVE-2021-43180 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13690, information disclosure via avatar metadata is possible. | 7.5 |
| 2021-11-09 | CVE-2021-43182 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13415, a DoS via user information is possible. | 7.5 |
| 2021-05-11 | CVE-2021-31901 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2021.1.13079, two-factor authentication wasn't enabled properly for the All Users group. | 7.5 |
| 2020-04-22 | CVE-2020-11691 | Unspecified vulnerability in Jetbrains HUB In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible. | 7.5 |
| 2019-07-03 | CVE-2019-12847 | Insufficiently Protected Credentials vulnerability in Jetbrains HUB In JetBrains Hub versions earlier than 2018.4.11298, the audit events for SMTPSettings show a cleartext password to the admin user. | 7.2 |