Visual Studio Code Security Vulnerabilities

CVE-2021-31211

Visual Studio Code Remote Code Execution...

CVE-2021-31213

Visual Studio Code Remote Containers Extension Remote Code Execution...

CVE-2021-31214

Visual Studio Code Remote Code Execution...

CVE-2021-27068

Visual Studio Remote Code Execution...

CVE-2021-28469

Visual Studio Code Remote Code Execution...

CVE-2021-28473

Visual Studio Code Remote Code Execution...

CVE-2021-28471

Remote Development Extension for Visual Studio Code Remote Code Execution...

CVE-2021-28475

Visual Studio Code Remote Code Execution...

CVE-2021-28448

Visual Studio Code Kubernetes Tools Remote Code Execution...

CVE-2021-28477

Visual Studio Code Remote Code Execution...

CVE-2021-28457

Visual Studio Code Remote Code Execution...

CVE-2021-28472

Visual Studio Code Maven for Java Extension Remote Code Execution...

CVE-2021-28470

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution...

CVE-2021-27084

Visual Studio Code Java Extension Pack Remote Code Execution...

CVE-2021-27081

Visual Studio Code ESLint Extension Remote Code Execution...

CVE-2021-27083

Remote Development Extension for Visual Studio Code Remote Code Execution...

CVE-2021-27060

Visual Studio Code Remote Code Execution...

CVE-2021-27082

Quantum Development Kit for Visual Studio Code Remote Code Execution...

CVE-2021-1639

Visual Studio Code Remote Code Execution...

CVE-2021-26700

Visual Studio Code npm-script Extension Remote Code Execution...

CVE-2020-17156

Visual Studio Remote Code Execution...

CVE-2020-17159

Visual Studio Code Java Extension Pack Remote Code Execution...

CVE-2020-17150

Visual Studio Code Remote Code Execution...

CVE-2020-17148

Visual Studio Code Remote Development Extension Remote Code Execution...

CVE-2020-17104

Visual Studio Code JSHint Extension Remote Code Execution...

CVE-2020-16977

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative...

CVE-2020-17023

A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

CVE-2020-16874

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an...

CVE-2020-16856

A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an...

CVE-2020-16881

A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

CVE-2020-0604

A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

CVE-2020-1481

A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project, aka 'Visual Studio Code ESLint Extention Remote Code Execution...

CVE-2020-1416

An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege...

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution...

CVE-2020-1343

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure...

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from...

CVE-2020-1171

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from...

CVE-2019-1350

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354,...

CVE-2019-1349

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354,...

CVE-2019-1354

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352,...

CVE-2019-1414

An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege...

CVE-2019-1352

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354,...

CVE-2019-0809

A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer improperly validates input before loading dynamic link library (DLL) files, aka 'Visual Studio Remote Code Execution...

CVE-2019-0728

A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution...

CVE-2019-0613

A remote code execution vulnerability exists in .NET Framework and Visual Studio software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework and...

CVE-2019-0546

A remote code execution vulnerability exists in Visual Studio when the C++ compiler improperly handles specific combinations of C++ constructs, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual...

CVE-2018-8232

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka "Microsoft Macro Assembler Tampering Vulnerability." This affects Microsoft Visual...

CVE-2018-8172

A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup of a file for an unbuilt project, aka "Visual Studio Remote Code Execution Vulnerability." This affects Microsoft Visual Studio, Expression Blend...

CVE-2018-0597

Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified...