Описание
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
FAQ
How could an attacker exploit this vulnerability?
To exploit this vulnerability, an attacker would need to convince a targeted user to clone a malicious repository. Attacker-specified code would execute once the targeted user viewed contents of the repository in Visual Studio Code.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Visual Studio Code - npm-script Extension |
Показывать по
10
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
Latest Software Release
Exploitation Less Likely
Older Software Release
Exploitation Less Likely
DOS
N/A
EPSS
Процентиль: 94%
0.12921
Средний
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
почти 5 лет назад
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
EPSS
Процентиль: 94%
0.12921
Средний
7.8 High
CVSS3