HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-64456

CVSS 8.4v3.1pub. 2025-11-10upd. 2025-11-20

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
  • Jetbrains Resharper

    APP
    Jetbrains
    < 2025.2.4
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2025-23385HIGH7.8ten sam produkt

In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7,...

CVE-2019-16407HIGH7.3ten sam produkt

JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

CVE-2025-64457MEDIUM4.2ten sam produkt

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race co...

CVE-2024-27198CRITICAL9.8⚠ KEVPL ✓ten sam vendor

JetBrains TeamCity — Authentication Bypass umożliwiający działania administracyjne

CVE-2023-42793CRITICAL9.8⚠ KEVten sam vendor

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible