Severity
5.0MEDIUM
EPSS
0.0%
top 87.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 11
Description
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:NExploitability: 1.3 | Impact: 3.6