Red Hat Developer Hub
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Developer Hub.
Recent Red Hat Developer Hub Security Advisories
| Advisory | Title | Published |
|---|---|---|
| RHSA-2026:3089 | (RHSA-2026:3089) Red Hat Developer Hub 1.8.4 release. | February 23, 2026 |
| RHSA-2026:2675 | (RHSA-2026:2675) Red Hat Developer Hub 1.8.3 release. | February 12, 2026 |
| RHSA-2026:0531 | (RHSA-2026:0531) Red Hat Developer Hub 1.8.2 release. | January 13, 2026 |
| RHSA-2026:0261 | (RHSA-2026:0261) Red Hat Developer Hub 1.7.4 release. | January 7, 2026 |
| RHSA-2025:22861 | (RHSA-2025:22861) Red Hat Developer Hub 1.8.1 release. | December 8, 2025 |
| RHSA-2025:22404 | (RHSA-2025:22404) Red Hat Developer Hub 1.7.3 release. | December 1, 2025 |
| RHSA-2025:20047 | (RHSA-2025:20047) Red Hat Developer Hub 1.8.0 release. | November 10, 2025 |
| RHSA-2025:19529 | (RHSA-2025:19529) Red Hat Developer Hub 1.7.2 release. | November 3, 2025 |
| RHSA-2025:1454 | (RHSA-2025:1454) Moderate: Update Red Hat Developer Hub 1.3 to mitigate relevant CVEs | February 13, 2025 |
By the Year
In 2026 there have been 0 vulnerabilities in Red Hat Developer Hub. Red Hat Developer Hub did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 5.70 |
It may take a day or so for new Red Hat Developer Hub vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Developer Hub Security Vulnerabilities
Red Hat Developer Hub (RHDH) Access Token Leak via Catalog-Import
CVE-2023-6944
5.7 - Medium
- January 04, 2024
A flaw was found in the Red Hat Developer Hub (RHDH). The catalog-import function leaks GitLab access tokens on the frontend when the base64 encoded GitLab token includes a newline at the end of the string. The sanitized error can display on the frontend, including the raw access token. Upon gaining access to this token and depending on permissions, an attacker could push malicious code to repositories, delete resources in Git, revoke or generate new keys, and sign code illegitimately.
Generation of Error Message Containing Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Developer Hub or by Red Hat? Click the Watch button to subscribe.
