Vulnerabilities > Jetbrains > Rider

DATE CVE VULNERABILITY TITLE RISK
2024-06-10 CVE-2024-37051 Insufficiently Protected Credentials vulnerability in Jetbrains products
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
network
low complexity
jetbrains CWE-522
7.5
2024-02-06 CVE-2024-24939 Information Exposure Through Log Files vulnerability in Jetbrains Rider
In JetBrains Rider before 2023.3.3 logging of environment variables containing secret values was possible
network
low complexity
jetbrains CWE-532
5.3
2022-08-03 CVE-2022-37396 Unspecified vulnerability in Jetbrains Rider
In JetBrains Rider before 2022.2 Trust and Open Project dialog could be bypassed, leading to local code execution
local
low complexity
jetbrains
7.8
2020-01-30 CVE-2020-7906 Improper Verification of Cryptographic Signature vulnerability in Jetbrains Rider 2019.3.0
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer.
network
low complexity
jetbrains CWE-347
7.5
2019-10-01 CVE-2019-14960 Untrusted Search Path vulnerability in Jetbrains Rider
JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider.Unity.Editor.Plugin.Repacked.dll file.
local
low complexity
jetbrains CWE-426
7.8