CVE-2021-28967

The unofficial MATLAB extension before 2.0.1 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings...

PT-2021-18005 · Unknown · Matlab Extension For Visual Studio Code

Name of the Vulnerable Software and Affected Versions: MATLAB extension for Visual Studio Code versions prior to 2.0.1 Description: The issue allows attackers to execute arbitrary code via a crafted workspace because of lint configuration settings. This is due to a problem in the unofficial MATLA...

Code injection

UNSUPPORTED WHEN ASSIGNED The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintaine...

CVE-2021-28956

The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

Microsoft Visual Studio Code 安全漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A security vulnerability in Microsoft Visual Studio Code vscode-sass-lint 1.0.7 allows an attacker to execute arbitrary binaries when a user opens a crafted workspace...

CVE-2021-28953

The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository...

CVE-2021-28953

The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository...

Design/Logic Flaw

The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository...

CVE-2021-28953

CVE-2021-28953 affects the unofficial C/C++ Advanced Lint extension for Visual Studio Code (pre-1.9.0). The vulnerability allows an attacker to cause the extension to execute arbitrary binaries when a user opens a crafted repository. The issue, present in multiple feeds, is documented with a CVSS...

CVE-2021-28953

The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted repository...

Joseph Benden C/C++ Advanced Lint 代码问题漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A code injection vulnerability in Microsoft Visual Studio Code unofficial C/C++ Advanced Lint extension prior to version 1.9.0 can be exploited by an attacker to execute arbitrary binaries when a user opens a carefully...

PT-2021-17996 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: C/C++ Advanced Lint extension versions prior to 1.9.0 for Visual Studio Code Description: The issue allows attackers to execute arbitrary binaries if the user opens a crafted repository. There is no information provided about the estimated...

CVE-2021-28794

The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath...

CVE-2021-28794

The unofficial ShellCheck extension before 0.13.4 for Visual Studio Code mishandles shellcheck.executablePath...

CVE-2021-28790

The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace...

CVE-2021-28791

The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftformat.path configuration value that triggers execution upon opening the workspace...

CVE-2021-28792

The unofficial Swift Development Environment extension before 2.12.1 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted sourcekit-lsp.serverPath, swift.languageServerPath, swift.path.sourcekite,...

CVE-2021-28790

The unofficial SwiftLint extension before 1.4.5 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted swiftlint.path configuration value that triggers execution upon opening the workspace...

CVE-2021-28792

The unofficial Swift Development Environment extension before 2.12.1 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted sourcekit-lsp.serverPath, swift.languageServerPath, swift.path.sourcekite,...

CVE-2021-28789

The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing a malicious workspace with a crafted apple-swift-format.path configuration value that triggers execution upon opening the workspace...