CVE-2024-49050Trust Boundary Violation in Microsoft Python Extension FOR Visual Studio Code

CWE-501Trust Boundary Violation4 documents4 sources
Severity
8.8HIGHNVD
EPSS
3.0%
top 13.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Python Extension FOR Visual Studio CodeMicrosoft Python
Timeline
PublishedNov 12

Description

Visual Studio Code Python Extension Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/python< 2024.18.2

Patches

Patch: msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-36jr-8w83-wr8q: Visual Studio Code Python Extension Remote Code Execution Vulnerability2024-11-12
CVEList
Visual Studio Code Python Extension Remote Code Execution Vulnerability2024-11-12

📋Vendor Advisories

1
Microsoft
Visual Studio Code Python Extension Remote Code Execution Vulnerability2024-11-12
CVE-2024-49050 — Trust Boundary Violation in Microsoft | cvebase