19 matches found
CVE-2022-35976
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35975
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
EUVD-2022-38802
Malicious code in bioql PyPI...
EUVD-2022-38803
Malicious code in bioql PyPI...
CVE-2022-35976
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
Code injection
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976
The CVE concerns the GitOps Tools Extension for VSCode, which uses kubeconfigs to talk to Kubernetes clusters. A specially crafted kubeconfig can cause arbitrary code execution under the user running VSCode. Affected users are those with kubeconfigs generated or altered by other processes/users; ...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35975
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
Remote code execution
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975
CVE-2022-35975 affects the GitOps Tools Extension for VSCode. A specially crafted Flux object can cause remote code execution on the machine running VSCode in the context of the user, impacting users managing clusters shared among multiple users. The issue is described as improper object validati...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
PT-2022-23074 · Unknown · Gitops Tools Extension For Vscode
Name of the Vulnerable Software and Affected Versions: GitOps Tools Extension for VSCode affected versions not specified Description: A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users...
PT-2022-23075 · Microsoft · Vscode
Name of the Vulnerable Software and Affected Versions: GitOps Tools Extension for VSCode affected versions not specified Description: The GitOps Tools Extension for VSCode is affected by an issue where a specially crafted kubeconfig can lead to arbitrary code execution on behalf of the user runni...
Microsoft VSCode Extension 操作系统命令注入漏洞
Microsoft VSCode Extension is an extension for VSCode from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft VSCode Extension vscode-gitops-tools versions 0.7.0 through 0.20.2, which originates from a specially crafted Flux object in the context of...