13 matches found
CVE-2022-35976
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
Code injection
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35976 Improper KubeConfig handling allows arbitrary code execution
The GitOps Tools Extension for VSCode relies on kubeconfigs in order to communicate with Kubernetes clusters. A specially crafted kubeconfig leads to arbitrary code execution on behalf of the user running VSCode. Users relying on kubeconfigs that are generated or altered by other processes or use...
CVE-2022-35975
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
Remote code execution
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
CVE-2022-35975 Improper object validation allows for arbitrary code execution in GitOps Tools Extension for VSCode
The GitOps Tools Extension for VSCode can make it easier to manage Flux objects. A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users using the VSCode extension to manage clusters that ar...
PT-2022-23074 · Unknown · Gitops Tools Extension For Vscode
Name of the Vulnerable Software and Affected Versions: GitOps Tools Extension for VSCode affected versions not specified Description: A specially crafted Flux object may allow for remote code execution in the machine running the extension, in the context of the user that is running VSCode. Users...
PT-2022-23075 · Microsoft · Vscode
Name of the Vulnerable Software and Affected Versions: GitOps Tools Extension for VSCode affected versions not specified Description: The GitOps Tools Extension for VSCode is affected by an issue where a specially crafted kubeconfig can lead to arbitrary code execution on behalf of the user runni...
Microsoft VSCode Extension 操作系统命令注入漏洞
Microsoft VSCode Extension is an extension for VSCode from Microsoft Corporation USA. An operating system command injection vulnerability exists in Microsoft VSCode Extension vscode-gitops-tools versions 0.7.0 through 0.20.2, which originates from a specially crafted Flux object in the context of...