CVE-2025-58335

EPSS 0%
Veröffentlicht 28.08.2025 16:48:57
Zuletzt bearbeitet 20.01.2026 17:32:38
Quelle cve@jetbrains.com
CVE-Watchlists
Login
Unerledigt
Login

In JetBrains Junie before 252.284.66,
251.284.66,
243.284.66,
252.284.61,
251.284.61,
243.284.61,
252.284.50,
252.284.54,
251.284.54,
251.284.50,
243.284.54,
243.284.50 information disclosure was possible via search_project function

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

JetBrains ≫ Junie Version < 243.284.50

JetBrains ≫ Junie Version >= 251.72.165 < 251.284.50

JetBrains ≫ Junie Version >= 252.204.139 < 252.284.50

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0%	0

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cve@jetbrains.com	5.5	1	4	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

CWE-356 Product UI does not Warn User of Unsafe Actions

The product's user interface does not warn the user before undertaking an unsafe action on behalf of that user. This makes it easier for attackers to trick users into inflicting damage to their system.

https://www.jetbrains.com/privacy-security/issues-fixed/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-58335

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-58335

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-58335

EUVD