The vulnerability of Visual Studio Code’s source editor on Microsoft Windows operating systems stems from vulnerabilities related to access control. These vulnerabilities allow attackers to escalate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain increased privileges...

Microsoft Visual Studio Code Information Disclosure Vulnerability

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. An information disclosure vulnerability exists in Microsoft Visual Studio Code. An attacker can exploit this vulnerability to obtain a token by performing a man-in-the-middle attack...

CVE-2020-1343

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'...

Information disclosure

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'...

CVE-2020-1343

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'...

CVE-2020-1343

Technical details about CVE-2020-1343 are not provided in the connected documents; public information appears limited to the basic description of an information disclosure in Visual Studio Code Live Share. Monitor for updates.

Visual Studio Code Live Share Information Disclosure Vulnerability

An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text. To exploit the vulnerability, an attacker would need to perform a successful capture of the tokens from client to proxy, where specific proxy settings are being used,...

KLA11812 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Diagnostic Hub...

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...

CVE-2020-1171

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192...

CVE-2020-1171

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192...

Remote code execution

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192...

Remote code execution

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...

CVE-2020-1192

CVE-2020-1192 describes a remote code execution vulnerability in Visual Studio Code involving the Python extension loading workspace settings from a notebook file. The CVE is distinct from CVE-2020-1171. Public technical specifics (exact affected versions, root cause details, and patch/mitigation...

CVE-2020-1192

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171...

CVE-2020-1171

The CVE-2020-1171 entry describes a remote code execution vulnerability in Visual Studio Code when the Python extension loads configuration files after opening a project. The root cause is tied to the Python extension’s handling of configuration files, enabling code execution in the context of th...

CVE-2020-1171

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192...

Microsoft Visual Studio Code Extensions Installed

Binary data microsoftvisualstudiocodewinextensionsinstalled.nbin...

Security Update for Microsoft Visual Studio Code Python Extension (May 2020)

A remote code execution RCE vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged o...