Local Code Execution Vulnerability in JetBrains Rider by JetBrains
CVE-2022-37396

4.1MEDIUM

Key Information:

Vendor: Jetbrains
Status: Rider
Vendor: CVE Published:; 3 August 2022

What is CVE-2022-37396?

A local code execution vulnerability in JetBrains Rider prior to version 2022.2 allows unauthorized bypass of the Trust and Open Project dialog. This flaw can potentially be exploited to execute arbitrary code on the local system, leading to significant security risks for developers using the affected versions.

Affected Version(s)

Rider 2022.2

References

https://www.jetbrains.com/privacy-security/issues-fixed/

x_refsource_MISC

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 3, 2022
Vulnerability Reserved
Aug 3, 2022

Jetbrains

What is CVE-2022-37396?

Affected Version(s)

References

CVSS V3.1

Timeline