CVE-2024-37051
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-37051
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-37051.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-37051
- Published
- 2024-06-10T16:15:16.713Z
- Modified
- 2025-11-15T21:38:17.451187Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4
- References
Affected packages
Git / github.com/jetbrains/mps
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jetbrains/mps
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
171/mihmuh_test
2.*
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.5
2.5.2
2.5.3
2.5.4
2017.*
2017.1.0
2017.1.1
2017.1.2
2017.1.3
2017.2.0
2017.2.1
2017.2.2
2017.2.3
2017.3.0
2017.3.1
2017.3.2
2017.3.3
2017.3.4
2017.3.5
2017.3.6
2018.*
2018.1.0
2018.1.1
2018.1.2
2018.1.3
2018.1.4
2018.1.5
2018.2.0
2018.2.1
2018.2.2
2018.2.3
2018.2.4
2018.2.5
2018.2.6
2018.3.0
2018.3.1
2018.3.2
2018.3.3
2018.3.4
2018.3.5
2018.3.6
2018.3.7
2019.*
2019.1.0
2019.1.1
2019.1.2
2019.1.3
2019.1.4
2019.1.5
2019.1.6
2019.2.2
2019.2.3
2019.2.4
2019.3.0
2019.3.1
2019.3.2
2019.3.3
2019.3.4
2019.3.5
2019.3.6
2019.3.7
2020.*
2020.1.2
2020.1.3
2020.1.4
2020.1.5
2020.1.6
2020.1.7
2020.2.0
2020.2.1
2020.2.2
2020.2.3
2020.3.0
2020.3.1
2020.3.2
2020.3.3
2020.3.4
2020.3.6
2021.*
2021.1.0
2021.1.1
2021.1.2
2021.1.3
2021.1.4
2021.1.5
2021.2.0
2021.2.1
2021.2.2
2021.2.3
2021.2.4
2021.2.5
2021.3.0
2021.3.1
2021.3.2
2021.3.3
2021.3.4
2021.3.5
2022.*
2022.2.0
2022.2.1
2022.2.2
2022.2.3
2022.2.4
2022.3.0
2022.3.1
2022.3.2
2022.3.3
2023.*
2023.2.0
2023.2.2
2023.3.0
2023.3.2
2024.*
2024.1.0
2024.1.1
3.*
3.0.2
3.0.3
3.0.4
3.1.1
3.1.3
3.1.4
3.2.1
3.2.2
3.2.3
3.3.2
3.3.3
3.3.4
3.3.5
3.4
3.4.1
3.4.2
3.4.3
3.4.4
3.4.RC1
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"175621266958781764532802130114966611145",
"293485779309409983890151718238970977854",
"13521524942497556350022255890708877242",
"189370554675274299822115995798584278332",
"248221457793420909185681750973029352697",
"244056844232880944912164714113965953970",
"53548746985494351402499626735555583973",
"75708893584585402188182545402381578126",
"38261606059462205351466974258256153764",
"23040807890659366509541938096435766630",
"9288444271726209805556617281816267770",
"114888792741591507072807278480633581759",
"150888600151041149063684155928571520942",
"182987005795670213164769301237477527153",
"229853130353384488448793057959596770753"
],
"threshold": 0.9
},
"id": "CVE-2024-37051-08d77824",
"source": "https://github.com/jetbrains/mps/commit/43b1ab6686907dc12a79cd208fe5e8f043114976",
"target": {
"file": "core/persistence/source/jetbrains/mps/persistence/FilePerRootModelFactory.java"
}
},
{
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"23063257638385920868046350217001509061",
"171025630835258078118877839053072063743",
"44854456354686642151861301431108353954",
"213923488284648877707086742087787946707",
"71186537380968293886713753429718161291",
"29534439252002276086893767766055507862",
"190420895900646986429294150587079511113",
"246005680323233437273301487714423255158",
"306749546905830490465212552206525310064",
"289080610830801736454712468069486661285",
"274318296007481985995946945881758541997",
"318014160824873447637268678358602618790",
"249442355735196379176201736392887953763",
"239375467323772242050822318044641793816"
],
"threshold": 0.9
},
"id": "CVE-2024-37051-21fe5229",
"source": "https://github.com/jetbrains/mps/commit/43b1ab6686907dc12a79cd208fe5e8f043114976",
"target": {
"file": "core/persistence/source/jetbrains/mps/smodel/persistence/def/FilePerRootFormatUtil.java"
}
},
{
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 569.0,
"function_hash": "309977248952343321511989502921681437946"
},
"id": "CVE-2024-37051-6a05146e",
"source": "https://github.com/jetbrains/mps/commit/43b1ab6686907dc12a79cd208fe5e8f043114976",
"target": {
"function": "getStreamNames",
"file": "core/persistence/source/jetbrains/mps/smodel/persistence/def/FilePerRootFormatUtil.java"
}
},
{
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 415.0,
"function_hash": "80287535861273759320861266355230548879"
},
"id": "CVE-2024-37051-dedcd9fa",
"source": "https://github.com/jetbrains/mps/commit/43b1ab6686907dc12a79cd208fe5e8f043114976",
"target": {
"function": "getNodeLocation",
"file": "core/persistence/source/jetbrains/mps/persistence/FilePerRootModelFactory.java"
}
}
]