NotCVE - vendor:"JetBrains" product:"Rider" version:"

6 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2025-43016

https://notcve.org/view.php?id=CVE-2025-43016

25 Apr 2025 — In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-23: Relative Path Traversal •

CVSS: 9.3EPSS: 5%CPEs: 44EXPL: 2

CVE-2024-37051

https://notcve.org/view.php?id=CVE-2024-37051

10 Jun 2024 — GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2... • https://github.com/LeadroyaL/CVE-2024-37051-EXP • CWE-522: Insufficiently Protected Credentials •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-24939

https://notcve.org/view.php?id=CVE-2024-24939

06 Feb 2024 — In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible En JetBrains Rider antes de 2023.3.3 era posible el registro de variables de entorno que contenían valores secretos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-37396

https://notcve.org/view.php?id=CVE-2022-37396

03 Aug 2022 — In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution En JetBrains Rider versiones anteriores a 2022.2, el diálogo confiable y de apertura de proyectos puede ser evitada, conllevando a una ejecución de código local • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-7906

https://notcve.org/view.php?id=CVE-2020-7906

30 Jan 2020 — In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3. En JetBrains Rider versiones 2019.3 EAP2 hasta 2019.3 EAP7, se presentaron binarios no firmados provistos por parte del instalador de Windows. Este problema fue corregido en la publicación de la versión 2019.3. • https://blog.jetbrains.com • CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-14960

https://notcve.org/view.php?id=CVE-2019-14960

01 Oct 2019 — JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file. JetBrains Rider versiones anteriores a 2019.1.2, estaba usando un archivo JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll sin firmar. • https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019 • CWE-426: Untrusted Search Path •