Rapid7 claims that after more than a week of radio silence from JetBrains on the coordinated disclosure matter, Rapid7 spotted fresh patches for CVE-2024-27198 and CVE-2024-27199 on Monday, without a published security advisory and without telling the researchers.
A glass-half-full onlooker may consider JetBrains' behavior and consider how silently patching the vulnerabilities could have been positive.
[
add
]
[
|
|
...
]