MEDIUM✓ PATCH🇬🇧 English

CVE-2025-64457

CVSS 4.2v3.1pub. 2025-11-10upd. 2026-01-12

In JetBrains ReSharper, Rider and dotTrace before 2025.2.5 local privilege escalation was possible via race condition

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
  • Jetbrains Dottrace

    APP
    Jetbrains
    < 2025.2.5
  • Jetbrains Resharper

    APP
    Jetbrains
    < 2025.2.5
  • Jetbrains Rider

    APP
    Jetbrains
    < 2025.2.5
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
LPERace Condition
CWE
Referencje

Powiązane podatności

CVE-2024-37051CRITICAL9.3PL ✓ten sam produkt

Wyciek tokenu GitHub do stron trzecich w JetBrains IDE

CVE-2025-64456HIGH8.4ten sam produkt

In JetBrains ReSharper before 2025.2.4 missing signature verification in DPA Collector allows local privilege ...

CVE-2025-23385HIGH7.8ten sam produkt

In JetBrains ReSharper before 2024.3.4, 2024.2.8, and 2024.1.7, Rider before 2024.3.4, 2024.2.8, and 2024.1.7,...

CVE-2020-7906HIGH7.5ten sam produkt

In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Wind...

CVE-2019-16407HIGH7.3ten sam produkt

JetBrains ReSharper installers for versions before 2019.2 had a DLL Hijacking vulnerability.

CVE-2025-64457 — MEDIUM 4.2 | CVEbaza.pl