整合開發環境IntelliJ存在重大漏洞,恐曝露GitHub存取憑證
支付動態 · 2024-06-12
軟體開發業者JetBrains針對旗下整合開發環境(IDE)漏洞CVE-2024-37051提出警告,並指出這項漏洞,主要影響啟動GitHub外掛程式的用戶
6月11日軟體開發業者JetBrains發布資安公告,指出他們在5月29日接獲通報,存在整合開發環境(IDE)IntelliJ平臺的漏洞CVE-2024-37051,有可能會影響拉取請求而被用於攻擊行動,CVSS風險評為9.3分。
當開發者使用基於這套IDE平臺時,攻擊者會藉由惡意內容,引誘拉取特定GitHub專案,從而讓開發者的存取Token外流至第三方主機。
該公司指出,這項弱點影響IntelliJ平臺所有2023.1以上版本的IDE,只要開發者同時啟用他們提供的GitHub外掛程式,就有可能曝險。他們提供新版IDE及外掛程式修補漏洞,並呼籲開發者若曾透過這套IDE拉取GitHub專案,應註銷外掛程式所用的Token。
熱門文章
Indiana online casino bill stalls in House committee
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Kazakhstan plans to penalise online casino promotions
Regulation
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
British gambling levy rates confirmed for each vertical
Regulation
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
