PT-2024-2901 · Jetbrains · Jetbrains Toolbox App

Published

2024-02-06

Updated

2024-02-09

CVE-2024-24943

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions JetBrains Toolbox App versions prior to 2.2

Description The issue is related to an uncontrolled resource consumption vulnerability in the JetBrains Toolbox App. This vulnerability can be exploited by a remote attacker to cause a denial of service using a malicious SVG image.

Recommendations For versions prior to 2.2, update to version 2.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of SVG images in the app until a patch is applied.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

BDU:2024-03066

CVE-2024-24943

Affected Products

Jetbrains Toolbox App

PT-2024-2901 · Jetbrains · Jetbrains Toolbox App

CVE-2024-24943

Weakness Enumeration

Related Identifiers

Affected Products

References · 8