Log4j impacts JetBrains Hub | Mitigation

JetBrains Hub application has been impacted by Log4J vulnerability. Hub standalone version needs to be patched immediately to prevent the log4j vulnerability being exploited. If you are using HubStandalone 2017.4 or earlier, then you are not affected whereas if you are using Hub Standalone 2018.1 or later then you might be affected by this vulnerability. Hub administrators may need to upgrade their Hub to latest version to prevent this vulnerability from being exploited

Versions affected: 2018.1 to 2021.4.35732 

Hub VersionStatusMitigation
2018.1 to 2021.1.13389AffectedUpgrade to 2021.1.14080.
2021.1.13402 to 2021.1.14063Affected Upgrade to 2021.1.14080.

Rest of the Hub versions are not affected according to JetBrains

Though the blog post says by setting up MsgLookup parameter to true, that’s not absolutely true as Log4j has already another version 2.16.0 which disables JNDI altogether. If you are using Hub along with

Scroll to Top