CVE-2023-46248

CVE-2023-46248 affects the Cody AI VSCode extension (versions 0.10.0–0.14.0). An attacker controlling a malicious repository can modify the Cody configuration file ".vscode/cody.json" and overwrite Cody commands. If a user with the extension installed opens that repository and executes a Cody com...