Microsoft Github Copilot Chat vulnerabilities
2 known vulnerabilities affecting microsoft/github_copilot_chat.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-62222HIGHCVSS 8.8fixed in 0.32.52025-11-11
CVE-2025-62222 [HIGH] CWE-20 CVE-2025-62222: Improper neutralization of special elements used in a command ('command injection') in Visual Studio
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-62449MEDIUMCVSS 6.8fixed in 0.32.02025-11-11
CVE-2025-62449 [MEDIUM] CWE-22 CVE-2025-62449: Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
nvd