CVE-2024-24939

Name of the Vulnerable Software and Affected Versions JetBrains Rider versions prior to 2023.3.3

Description The issue is related to insufficient protection of registration data, which may allow an attacker to disclose protected information. Specifically, in JetBrains Rider, logging of environment variables containing secret values was possible. This could potentially expose sensitive information.

Recommendations For versions prior to 2023.3.3, update to version 2023.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to environment variables containing secret values until a patch is applied. Avoid logging sensitive environment variables in the affected versions of JetBrains Rider.