In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:NJetbrains Dottrace
APPJetbrains< 2025.2.5Jetbrains Resharper
APPJetbrains< 2025.2.5Jetbrains Rider
APPJetbrains< 2025.2.5
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
LPERace Condition
Powiązane podatności
CVE-2024-37051CRITICAL9.3PL ✓ten sam produkt
Wyciek tokenu GitHub do stron trzecich w JetBrains IDE
CVE-2025-64456HIGH8.4ten sam produkt
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege ...
CVE-2025-23385HIGH7.8ten sam produkt
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7,...
CVE-2020-7906HIGH7.5ten sam produkt
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Wind...
CVE-2019-16407HIGH7.3ten sam produkt
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.