Описание
The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace folder.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.0.4 (исключая)
cpe:2.3:a:vscode-rufo_project:vscode-rufo:*:*:*:*:*:visual_studio:*:*
EPSS
Процентиль: 65%
0.00484
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace folder.
EPSS
Процентиль: 65%
0.00484
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other