CVE-2022-24526

Опубликовано: 10 мар. 2022

Источник: msrc

CVSS3: 6.1

EPSS Низкий

Описание

Visual Studio Code Spoofing Vulnerability

FAQ

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have be enticed to open a malicious file in vscode. Users should never open anything that they do not know or trust to be safe.

According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?

The user would have be enticed to open a malicious file in a directory. Users should never open anything that they do not know or trust to be safe.

Обновления

Продукт	Статья	Обновление
Visual Studio Code	Release Notes	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

Exploitation Less Likely

DOS

N/A

EPSS

Процентиль: 73%

0.00789

Низкий

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2022-24526

CVSS3: 6.1

nvd

почти 4 года назад

Visual Studio Code Spoofing Vulnerability

GHSA-wrc6-xp7r-866c

CVSS3: 5.5

github

почти 4 года назад

Visual Studio Code Spoofing Vulnerability.

BDU:2022-01422

CVSS3: 6.1

fstec

около 4 лет назад

Уязвимость редактора исходного кода Visual Studio Code, связанная с ошибками представления информации пользовательским интерфейсом, позволяющая нарушителю проводить спуфинг-атаки

EPSS

Процентиль: 73%

0.00789

Низкий

6.1 Medium

CVSS3