CVE-2025-64683
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-10
Last updated on: 2025-11-21
Assigner: JetBrains s.r.o.
Description
Description
In JetBrains Hub before 2025.3.104432 information disclosure was possible via the Users API
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| jetbrains | hub | to 2025.3.104432 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
| CWE-362 | The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in JetBrains Hub before version 2025.3.104432 allows information disclosure via the Users API, meaning unauthorized users could potentially access sensitive user information through this API.
How can this vulnerability impact me? :
The impact of this vulnerability is limited to information disclosure, which could lead to unauthorized access to user data. This may expose sensitive information but does not affect integrity or availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70