CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43016
https://notcve.org/view.php?id=CVE-2025-43016
25 Apr 2025 — In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-23: Relative Path Traversal •
CVSS: 9.3EPSS: 5%CPEs: 44EXPL: 2CVE-2024-37051
https://notcve.org/view.php?id=CVE-2024-37051
10 Jun 2024 — GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2... • https://github.com/LeadroyaL/CVE-2024-37051-EXP • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24939
https://notcve.org/view.php?id=CVE-2024-24939
06 Feb 2024 — In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible En JetBrains Rider antes de 2023.3.3 era posible el registro de variables de entorno que contenían valores secretos • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-532: Insertion of Sensitive Information into Log File •