In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure macOS flags was possible
"2026-04-12T19:59:21Z"
[
{
"digest": {
"length": 172.0,
"function_hash": "269317293338090498492789324448065049158"
},
"signature_type": "Function",
"target": {
"file": "test/jdk/jb/build/VerifyDependencies.java",
"function": "main"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2025-29903-556f1401",
"source": "https://github.com/jetbrains/jetbrainsruntime/commit/d36fde222ddeff1d58acda0072bea24279c5f7fb"
},
{
"digest": {
"length": 715.0,
"function_hash": "203665111682024621730387422857739338473"
},
"signature_type": "Function",
"target": {
"file": "test/jdk/jb/build/VerifyDependencies.java",
"function": "verifyLibrary"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2025-29903-8e36c115",
"source": "https://github.com/jetbrains/jetbrainsruntime/commit/d36fde222ddeff1d58acda0072bea24279c5f7fb"
},
{
"digest": {
"line_hashes": [
"171679659782059965382423940653297851639",
"272416349608584747625478242186286720613",
"162404468588493417929942508321248633865",
"52733794100081985355767356879218671886",
"306929955141679693959276143082427491568",
"95129481802168770395437467607930134874",
"137699680303875509554366972456395547323",
"305932824484883644079194281818270601327",
"257849479806598038887440253805108750530",
"280879640242906462896267339846359643686",
"303458592151844990009136265648921869217",
"116770172377109181673139758768676956233",
"223878066664222394540113071663930764488",
"69574060175169134197533974908380988400",
"307108598855142698571092324647738103301",
"216154071018770572455112778015948715867",
"247474686950924756875701928428712268854",
"237354181539551903594603853390969422778"
],
"threshold": 0.9
},
"signature_type": "Line",
"target": {
"file": "test/jdk/jb/build/VerifyDependencies.java"
},
"signature_version": "v1",
"deprecated": false,
"id": "CVE-2025-29903-e3f3ca3a",
"source": "https://github.com/jetbrains/jetbrainsruntime/commit/d36fde222ddeff1d58acda0072bea24279c5f7fb"
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-29903.json"