EUVD-2021-9680

Malicious code in bioql PyPI...

MAL-2025-696 Malicious code in vscode-bazel-bsp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in vscode-bazel-bsp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

CVE-2021-22539

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

CVE-2021-22539

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

Path traversal

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

CVE-2021-22539 Code execution in VSCode-bazel via malicious Bazel config files

An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint .bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recomme...

CVE-2021-22539

CVE-2021-22539 affects vscode-bazel. A crafted JSON config file in the project folder can point to a custom executable, because vscode-bazel allows the workspace path to lint *.bzl files to be set via this config. This enables execution of any executable on the system through vscode-bazel. The re...

PT-2021-15132 · Unknown · Vscode-Bazel

Name of the Vulnerable Software and Affected Versions: vscode-bazel versions prior to 0.4.1 Description: An attacker can place a crafted JSON config file into the project folder, pointing to a custom executable, allowing the execution of any executable on the system through vscode-bazel. This is...

Philipp Wollermann VScode-bazel 安全漏洞

Philipp Wollermann vscode-bazel is a Philipp Wollermann open source application. Bazel plugin for Visual Studio Code. A security vulnerability exists in versions prior to VScode-bazel 0.4.1, which can be exploited by attackers to execute any executable file on a system via vscode-bazel...