6 matches found
CVE-2021-28956
The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Code injection
The unofficial vscode-phpmd aka PHP Mess Detector extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace folder...
Microsoft Visual Studio Code 命令注入漏洞
Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Visual Studio Code versions prior to 1.3.0, which stems from a problem with Visual Studio Code's unofficial vcode -phpmd aka PHP Mess Detector extension. The vulnerability can be...
CVE-2021-28956
The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
vscode-swiftlint 安全漏洞
vscode-swiftlint is open source an unofficial VS Code extension . Swift styles and conventions can be implemented through SwiftLint . A code execution vulnerability exists in versions prior to vscode-swiftlint 1.4.5, which can be exploited by an attacker to execute arbitrary code on a system...
vscode-apple-swift-format 安全漏洞
vscode-apple-swift-format is an unofficial VS Code extension for open source. Used to format Swift code using apple / swift-format. A security vulnerability exists in versions prior to vscode-apple-swift-format 1.1.2, which can be exploited by attackers to execute arbitrary code on a system...