~/products/msrc/visual_studio_code

pipeline liveDigest Docs

Msrc Visual Studio Code vulnerabilities

49 known vulnerabilities affecting msrc/visual_studio_code.

Total CVEs

49

CISA KEV

0

Public exploits

1

Exploited in wild

0

Severity breakdown

CRITICAL1HIGH41MEDIUM7

Vulnerabilities

Page 3 of 3

CVE-2021-1639HIGHCVSS 7.02021-02-09

CVE-2021-1639 [HIGH] Visual Studio Code Remote Code Execution Vulnerability Visual Studio Code Remote Code Execution Vulnerability Visual Studio: Visual Studio Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Remediation: Release Notes Reference: http://aka.ms/vs/16/release/latest Reference: https://code.visualstudio.com/Download Re

CVE-2020-17104HIGHCVSS 7.82020-11-10

CVE-2020-17104 [HIGH] Visual Studio Code JSHint Extension Remote Code Execution Vulnerability Visual Studio Code JSHint Extension Remote Code Execution Vulnerability Visual Studio: Visual Studio Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Remediation: Release Notes Reference: https://marketplace.vis

CVE-2020-17023HIGHCVSS 7.82020-10-13

CVE-2020-17023 [HIGH] Visual Studio JSON Remote Code Execution Vulnerability Visual Studio JSON Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of

CVE-2020-16881HIGHCVSS 7.82020-09-08

CVE-2020-16881 [HIGH] Visual Studio JSON Remote Code Execution Vulnerability Visual Studio JSON Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of

CVE-2020-0604HIGHCVSS 7.82020-08-11

CVE-2020-0604 [HIGH] Visual Studio Code Remote Code Execution Vulnerability Visual Studio Code Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the aff

CVE-2020-1416HIGHCVSS 8.82020-07-14

CVE-2020-1416 [HIGH] Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on with administrative user r

CVE-2020-1192CRITICALCVSS 7.82020-05-12

CVE-2020-1192 [HIGH] Visual Studio Code Python Extension Remote Code Execution Vulnerability Visual Studio Code Python Extension Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user right

CVE-2019-1414HIGHCVSS 7.82019-10-08

CVE-2019-1414 [HIGH] Visual Studio Code Elevation of Privilege Vulnerability Visual Studio Code Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer. A local attacker who successfully exploited the vulnerability could inject arbitrary code to run in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take

CVE-2019-0728HIGHCVSS 7.82019-02-12

CVE-2019-0728 [HIGH] Visual Studio Code Remote Code Execution Vulnerability Visual Studio Code Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the aff

← Previous3 / 3