Search criteria

12 vulnerabilities found for resharper by jetbrains

FKIE_CVE-2025-64457

Vulnerability from fkie_nvd - Published: 2025-11-10 14:15 - Updated: 2026-01-12 21:56
Severity ?
4.2 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
References
cve@jetbrains.comhttps://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisory
Impacted products
Vendor Product Version
jetbrains dottrace *
jetbrains resharper *
jetbrains rider *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F208B85F-30AA-4FF1-A367-A1A0DFA21A8E",
              "versionEndExcluding": "2025.2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEF02A0-FAAF-4CDD-9121-B488E694F8BB",
              "versionEndExcluding": "2025.2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0F59B33-857A-4EB2-B3F9-73B8C8903AA8",
              "versionEndExcluding": "2025.2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition"
    }
  ],
  "id": "CVE-2025-64457",
  "lastModified": "2026-01-12T21:56:33.950",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 2.7,
        "source": "cve@jetbrains.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-11-10T14:15:43.280",
  "references": [
    {
      "source": "cve@jetbrains.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
    }
  ],
  "sourceIdentifier": "cve@jetbrains.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-367"
        }
      ],
      "source": "cve@jetbrains.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2025-64456

Vulnerability from fkie_nvd - Published: 2025-11-10 14:15 - Updated: 2025-11-20 19:56
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
References
cve@jetbrains.comhttps://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisory
Impacted products
Vendor Product Version
jetbrains resharper *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE78C14C-6BDA-4DE9-982B-907BFC877DEA",
              "versionEndExcluding": "2025.2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation"
    },
    {
      "lang": "es",
      "value": "En JetBrains ReSharper antes de 2025.2.4, la falta de verificaci\u00f3n de firma en DPA Collector permite la escalada de privilegios local."
    }
  ],
  "id": "CVE-2025-64456",
  "lastModified": "2025-11-20T19:56:27.110",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 5.8,
        "source": "cve@jetbrains.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-11-10T14:15:43.083",
  "references": [
    {
      "source": "cve@jetbrains.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
    }
  ],
  "sourceIdentifier": "cve@jetbrains.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "cve@jetbrains.com",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2025-23385

Vulnerability from fkie_nvd - Published: 2025-01-28 16:15 - Updated: 2026-01-12 18:53
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible
References
cve@jetbrains.comhttps://www.jetbrains.com/privacy-security/issues-fixed/Vendor Advisory
Impacted products
Vendor Product Version
jetbrains dottrace *
jetbrains dottrace *
jetbrains dottrace *
jetbrains etw_host_service *
jetbrains resharper *
jetbrains resharper *
jetbrains resharper *
jetbrains rider *
jetbrains rider *
jetbrains rider *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA1E83F7-8826-4C16-AC4E-0EA394EBF660",
              "versionEndExcluding": "2024.1.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63C92B5D-1EFC-4A0B-950D-D8929640B91E",
              "versionEndExcluding": "2024.2.8",
              "versionStartIncluding": "2024.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DFCF86D-C418-439A-8AD0-4A401148D6B0",
              "versionEndExcluding": "2024.3.4",
              "versionStartIncluding": "2024.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:etw_host_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F895DD80-363B-442D-87E3-24994B02DAC3",
              "versionEndExcluding": "16.43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3065499-46FE-48DE-A334-E5ED8A85072E",
              "versionEndExcluding": "2024.1.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "812D1640-EFD2-4030-B6AE-9AA0923CFB65",
              "versionEndExcluding": "2024.2.8",
              "versionStartIncluding": "2024.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9349926-4C6C-4259-835D-09609269CEEA",
              "versionEndExcluding": "2024.3.4",
              "versionStartIncluding": "2024.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25FBD05C-2DED-47BB-9AD9-2CB8E4B73ACA",
              "versionEndExcluding": "2024.1.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9BFA83D-5863-4722-A7B3-27BAC16F1257",
              "versionEndExcluding": "2024.2.8",
              "versionStartIncluding": "2024.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A326F4-4B47-4D70-986F-0CF33FBE06B3",
              "versionEndExcluding": "2024.3.4",
              "versionStartIncluding": "2024.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible"
    },
    {
      "lang": "es",
      "value": "En JetBrains ReSharper antes de 2024.3.4, 2024.2.8 y 2024.1.7, Rider antes de 2024.3.4, 2024.2.8 y 2024.1.7, dotTrace antes de 2024.3.4, 2024.2.8 y 2024.1.7, ETW Host Service antes de 16.43, era posible la escalada de privilegios locales a trav\u00e9s del servicio de host ETW."
    }
  ],
  "id": "CVE-2025-23385",
  "lastModified": "2026-01-12T18:53:54.620",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.1,
        "impactScore": 6.0,
        "source": "cve@jetbrains.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-01-28T16:15:41.377",
  "references": [
    {
      "source": "cve@jetbrains.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
    }
  ],
  "sourceIdentifier": "cve@jetbrains.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-114"
        }
      ],
      "source": "cve@jetbrains.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2019-16407

Vulnerability from fkie_nvd - Published: 2019-10-02 19:15 - Updated: 2024-11-21 04:30
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
References
cve@mitre.orghttps://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/Vendor Advisory
Impacted products
Vendor Product Version
jetbrains resharper *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F6B1BB9-4165-4ED9-8BBE-25117A44E464",
              "versionEndExcluding": "2019.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability."
    },
    {
      "lang": "es",
      "value": "Los instaladores de JetBrains ReSharper para versiones anteriores a 2019.2, presentaban una vulnerabilidad de Secuestro de DLL."
    }
  ],
  "id": "CVE-2019-16407",
  "lastModified": "2024-11-21T04:30:39.333",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-10-02T19:15:15.483",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-427"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2025-64457 (GCVE-0-2025-64457)

Vulnerability from nvd – Published: 2025-11-10 13:28 – Updated: 2025-12-19 10:10
VLAI?
Summary
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
Severity ?
4.2 (Medium)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
CWE
  • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper, Rider and dotTrace Affected: 0 , < 2025.2.5 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper, Rider and dotTrace",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2025.2.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition\u003cbr\u003e"
            }
          ],
          "value": "In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-19T10:10:13.721Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-64457",
    "datePublished": "2025-11-10T13:28:23.970Z",
    "dateReserved": "2025-11-04T14:34:02.045Z",
    "dateUpdated": "2025-12-19T10:10:13.721Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64456 (GCVE-0-2025-64456)

Vulnerability from nvd – Published: 2025-11-10 13:28 – Updated: 2025-11-11 04:55
VLAI?
Summary
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
Severity ?
8.4 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
CWE
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper Affected: 0 , < 2025.2.4 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-11T04:55:34.273Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2025.2.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T13:28:03.624Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-64456",
    "datePublished": "2025-11-10T13:28:03.624Z",
    "dateReserved": "2025-11-04T14:34:01.215Z",
    "dateUpdated": "2025-11-11T04:55:34.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-23385 (GCVE-0-2025-23385)

Vulnerability from nvd – Published: 2025-01-28 16:01 – Updated: 2025-01-28 16:26
VLAI?
Summary
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains Rider Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains dotTrace Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains ETW Host Service Affected: 0 , < 16.43 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-23385",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T16:25:22.095430Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-28T16:26:10.127Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Rider",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "dotTrace",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ETW Host Service",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "16.43",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-114",
              "description": "CWE-114: Process Control",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-28T16:01:55.084Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-23385",
    "datePublished": "2025-01-28T16:01:55.084Z",
    "dateReserved": "2025-01-15T11:51:10.292Z",
    "dateUpdated": "2025-01-28T16:26:10.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16407 (GCVE-0-2019-16407)

Vulnerability from nvd – Published: 2019-10-02 18:11 – Updated: 2024-08-05 01:17
VLAI?
Summary
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:39.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T18:11:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16407",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/",
              "refsource": "MISC",
              "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16407",
    "datePublished": "2019-10-02T18:11:42",
    "dateReserved": "2019-09-18T00:00:00",
    "dateUpdated": "2024-08-05T01:17:39.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-64457 (GCVE-0-2025-64457)

Vulnerability from cvelistv5 – Published: 2025-11-10 13:28 – Updated: 2025-12-19 10:10
VLAI?
Summary
In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition
Severity ?
4.2 (Medium)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
CWE
  • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper, Rider and dotTrace Affected: 0 , < 2025.2.5 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper, Rider and dotTrace",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2025.2.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition\u003cbr\u003e"
            }
          ],
          "value": "In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-19T10:10:13.721Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-64457",
    "datePublished": "2025-11-10T13:28:23.970Z",
    "dateReserved": "2025-11-04T14:34:02.045Z",
    "dateUpdated": "2025-12-19T10:10:13.721Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-64456 (GCVE-0-2025-64456)

Vulnerability from cvelistv5 – Published: 2025-11-10 13:28 – Updated: 2025-11-11 04:55
VLAI?
Summary
In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation
Severity ?
8.4 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
CWE
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper Affected: 0 , < 2025.2.4 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-64456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-10T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-11T04:55:34.273Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2025.2.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege escalation"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T13:28:03.624Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-64456",
    "datePublished": "2025-11-10T13:28:03.624Z",
    "dateReserved": "2025-11-04T14:34:01.215Z",
    "dateUpdated": "2025-11-11T04:55:34.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-23385 (GCVE-0-2025-23385)

Vulnerability from cvelistv5 – Published: 2025-01-28 16:01 – Updated: 2025-01-28 16:26
VLAI?
Summary
In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
JetBrains ReSharper Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains Rider Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains dotTrace Affected: 2024.3 , < 2024.3.4 (semver)
Affected: 2024.2 , < 2024.2.8 (semver)
Affected: 0 , < 2024.1.7 (semver)
Create a notification for this product.
    JetBrains ETW Host Service Affected: 0 , < 16.43 (semver)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-23385",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T16:25:22.095430Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-28T16:26:10.127Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ReSharper",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Rider",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "dotTrace",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "2024.3.4",
              "status": "affected",
              "version": "2024.3",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.2.8",
              "status": "affected",
              "version": "2024.2",
              "versionType": "semver"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "ETW Host Service",
          "vendor": "JetBrains",
          "versions": [
            {
              "lessThan": "16.43",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7, dotTrace before 2024.3.4, 2024.2.8, and 2024.1.7, ETW Host Service before 16.43, Local Privilege Escalation via the ETW Host Service was possible"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-114",
              "description": "CWE-114: Process Control",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-28T16:01:55.084Z",
        "orgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
        "shortName": "JetBrains"
      },
      "references": [
        {
          "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "547ada31-17d8-4964-bc5f-1b8238ba8014",
    "assignerShortName": "JetBrains",
    "cveId": "CVE-2025-23385",
    "datePublished": "2025-01-28T16:01:55.084Z",
    "dateReserved": "2025-01-15T11:51:10.292Z",
    "dateUpdated": "2025-01-28T16:26:10.127Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-16407 (GCVE-0-2019-16407)

Vulnerability from cvelistv5 – Published: 2019-10-02 18:11 – Updated: 2024-08-05 01:17
VLAI?
Summary
JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:17:39.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T18:11:42",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-16407",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/",
              "refsource": "MISC",
              "url": "https://blog.jetbrains.com/blog/2019/09/26/jetbrains-security-bulletin-q2-2019/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-16407",
    "datePublished": "2019-10-02T18:11:42",
    "dateReserved": "2019-09-18T00:00:00",
    "dateUpdated": "2024-08-05T01:17:39.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}