CVE-2025-43016 – JetBrains Rider Arbitrary File Overwrite Vulnerability in Custom Archive Unpacker

Vulnerability

Patched

A vulnerability in JetBrains Rider versions prior to 2025.1.2 allows for arbitrary file overwriting. This issue arises during remote debugging sessions, where the custom archive unpacker fails to properly manage file extraction, potentially leading to unauthorized modifications of files.

Impact

Exploitation of this vulnerability could result in unauthorized file modifications, which may disrupt normal application behavior or overwrite critical data.

Remediation

Users can update to JetBrains Rider version 2025.1.2 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Affected Products

JetBrains Rider

Moderate fix1 remedy

cpe:2.3:a:jetbrains:rider:*:*:*:*:*:*:*

Moderate fix1 remedy

< 2025.1.2

JetBrains TeamCity

0 remedies

cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*

0 remedies

JetBrains YouTrack

Moderate fix2 remedies

cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*, +1 more

Moderate fix2 remedies

< 2025.1.76253
< 2025.1.74704

JetBrains RubyMine

0 remedies

cpe:2.3:a:jetbrains:rubymine:*:*:*:*:*:*:*

0 remedies

JetBrains Toolbox App

0 remedies

cpe:2.3:a:jetbrains:toolbox:*:*:*:*:*:*:*, +1 more

0 remedies

JetBrains IntelliJ IDEA

0 remedies

cpe:2.3:a:jetbrains:intellij_idea:*:*:*:*:*:*:*

0 remedies

JetBrains GoLand

0 remedies

cpe:2.3:a:jetbrains:goland:*:*:*:*:*:*:*

0 remedies

JetBrains Ktor

0 remedies

cpe:2.3:a:jetbrains:ktor:*:*:*:*:*:*:*

0 remedies

JetBrains dotTrace

0 remedies

cpe:2.3:a:jetbrains:dottrace:*:*:*:*:*:*:*

0 remedies

JetBrains ReSharper

0 remedies

cpe:2.3:a:jetbrains:resharper:*:*:*:*:*:*:*

0 remedies

JetBrains Hub

0 remedies

cpe:2.3:a:jetbrains:hub:*:*:*:*:*:*:*

0 remedies

JetBrains WebStorm

0 remedies

cpe:2.3:a:jetbrains:webstorm:*:*:*:*:*:*:*

0 remedies

JetBrains UpSource

0 remedies

cpe:2.3:a:jetbrains:upsource:*:*:*:*:*:*:*

0 remedies

JetBrains JetBrains Marketplace

0 remedies

cpe:2.3:a:jetbrains:space:*:*:*:*:*:*:*

0 remedies

JetBrains Code With Me

0 remedies

cpe:2.3:a:jetbrains:idetalk:*:*:*:*:*:*:*

0 remedies

JetBrains Exception Analyzer

0 remedies

cpe:2.3:a:jetbrains:aqua:*:*:*:*:*:*:*

0 remedies

CVSS Scores

volerion

8.5

CVSS 4.0

8.5

High

volerion

9.9

CVSS 3.1

9.9

Critical

nvd@nist.gov

7.5

CVSS 3.1

7.5

High

Vendor

5.4

CVSS 3.1

5.4

Medium

Click a row to open the calculator.

References

https://www.jetbrains.com/privacy-security/issues-fixed/

AdvisoryBundleVendor

Showing 1-1 of 1 references

JetBrains Rider Arbitrary File Overwrite Vulnerability in Custom Archive Unpacker

Vulnerability

Impact

Remediation

Affected Products

JetBrains Rider

JetBrains TeamCity

JetBrains YouTrack

JetBrains RubyMine

JetBrains Toolbox App

JetBrains IntelliJ IDEA

JetBrains GoLand

JetBrains Ktor

JetBrains dotTrace

JetBrains ReSharper

JetBrains Hub

JetBrains WebStorm

JetBrains UpSource

JetBrains JetBrains Marketplace

JetBrains Code With Me

JetBrains Exception Analyzer

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating