code

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	The Open Source build of Visual Studio Code (vscode) editor
Version	1.95.1-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2542	1.62.0-1	1.63.0-1	High	Fixed
AVG-2429	1.60.2-1		Medium	Not affected
AVG-2428	1.60.2-1		High	Not affected
AVG-2427	1.58.0-1	1.60.2-1	Medium	Fixed
AVG-2155	1.56.2-3	1.58.0-1	Medium	Fixed
AVG-1963	1.56.2-3	1.58.0-1	Medium	Fixed
AVG-1820	1.54.3-3		High	Not affected
AVG-1819	1.55.2-1	1.56.2-1	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-43908	AVG-2542	Medium	Yes	Content spoofing	A content spoofing vulnerability has been found in Visual Studio Code.
CVE-2021-43891	AVG-2542	High	No	Arbitrary code execution	A code execution vulnerability has been found in Visual Studio Code.
CVE-2021-42322	AVG-2542	High	No	Privilege escalation	A privilege escalation security issue has been found in Visual Studio Code before version 1.63.0.
CVE-2021-36952	AVG-2428	High	No	Arbitrary code execution	Visual Studio Arbitrary Code Execution Vulnerability
CVE-2021-34529	AVG-2155	Medium	No	Arbitrary code execution	A security issue has been found in Visual Studio Code version 1.57 that could lead to arbitrary code execution. This CVE ID is unique from CVE-2021-34528.
CVE-2021-34528	AVG-2427	Medium	Yes	Arbitrary code execution	A security issue has been found in Visual Studio Code before version 1.59.0. Using Git in untrusted workspaces could lead to arbitrary code execution. This...
CVE-2021-34479	AVG-2427	Medium	No	Content spoofing	A security issue has been found in Visual Studio Code before version 1.59.0. Guessable nonces in WebView could be abused for content spoofing.
CVE-2021-34477	AVG-2429	Medium	No	Privilege escalation	Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability.
CVE-2021-31214	AVG-1963	Medium	No	Arbitrary code execution	An arbitrary code execution vulnerability in the Grunt, Gulp and Jake task auto detection has been found in Visual Studio Code before version 1.57.0.
CVE-2021-31211	AVG-1963	Medium	Yes	Arbitrary code execution	An arbitrary code execution vulnerability through crafted remote terminal settings has been found in Visual Studio Code before version 1.57.0.
CVE-2021-28477	AVG-1819	High	Yes	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28475	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28473	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28471	AVG-1819	High	Yes	Arbitrary code execution	A remote code execution vulnerability has been found in the Remote Development extension for Visual Studio Code before version 1.56.0.
CVE-2021-28469	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28457	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-27064	AVG-1820	High	No	Privilege escalation	An elevation of privilege vulnerability has been found in the Visual Studio Installer.
CVE-2021-26437	AVG-2427	Medium	No	Content spoofing	A spoofing security issue has been found in Visual Studio Code version 1.59.1.
CVE-2021-26434	AVG-2428	High	No	Privilege escalation	Visual Studio Elevation of Privilege Vulnerability

Advisories

Date	Advisory	Group	Severity	Type
20 Jul 2021	ASA-202107-34	AVG-1963	Medium	arbitrary code execution