776 matches found
CVE-2025-62222
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...
CVE-2025-62222
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...
CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
...
CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
...
CVE-2025-62453
CVE-2025-62453 affects GitHub Copilot and Visual Studio Code due to improper validation of generative AI output, enabling an authorized local attacker to bypass a security feature. Multiple sources corroborate a security feature bypass vulnerability in Visual Studio Code and Copilot Chat, with im...
EUVD-2025-93392
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...
CVE-2025-62449 Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
...
CVE-2025-62449
The CVE-2025-62449 issue is a path traversal vulnerability in the Visual Studio Code CoPilot Chat Extension (prior to version 0.32.5). A local, low-privilege, authorized attacker can bypass a security feature and access files outside the intended workspace, with high impact to confidentiality and...
CVE-2025-62449 Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
...
EUVD-2025-93395
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...
EUVD-2025-93394
Improper limitation of a pathname to a restricted directory 'path traversal' in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally...
Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...
Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
Improper limitation of a pathname to a restricted directory 'path traversal' in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally...
GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...
KLA90062 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...
PT-2025-46514
Name of the Vulnerable Software and Affected Versions Visual Studio Code CoPilot Chat Extension affected versions not specified Description The Visual Studio Code CoPilot Chat Extension contains a flaw related to improper neutralization of special elements used in commands, potentially leading to...
PT-2025-46515
Name of the Vulnerable Software and Affected Versions Visual Studio Code CoPilot Chat Extension affected versions not specified Description An issue exists in Visual Studio Code CoPilot Chat Extension related to improper limitation of a pathname to a restricted directory, also known as a 'path...
PT-2025-46517
Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description A security feature bypass can occur due to improper validation of generative AI output in GitHub Copilot and Visual Studio Code. An authorized attacker can explo...
Microsoft Visual Studio Code 路径遍历漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A path traversal vulnerability exists in Microsoft Visual Studio Code CoPilot Chat Extension. An attacker exploiting this vulnerability could bypass certain functionality...
Microsoft Visual Studio Code 命令注入漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A command injection vulnerability exists in Microsoft Visual Studio Code CoPilot Chat Extension. An attacker can execute code by exploiting this vulnerability...