code

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description The Open Source build of Visual Studio Code (vscode) editor
Version 1.58.0-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-2155 1.58.0-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-34529 AVG-2155 Medium No Arbitrary code execution
Visual Studio Code Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34528.
CVE-2021-34528 AVG-2155 Medium Yes Arbitrary code execution
A security issue has been found in Visual Studio Code. Using Git in untrusted workspaces could lead to arbitrary code execution. This CVE ID is unique from...
CVE-2021-34479 AVG-2155 Medium No Content spoofing
A security issue has been found in Microsoft Visual Studio. Guessable nonces in WebView could be abused for content spoofing.
CVE-2021-34477 AVG-2155 Medium No Privilege escalation
Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability.

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1963 1.56.2-3 1.58.0-1 Medium Fixed
AVG-1820 1.54.3-3 High Not affected
AVG-1819 1.55.2-1 1.56.2-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-31214 AVG-1963 Medium No Arbitrary code execution
An arbitrary code execution vulnerability in the Grunt, Gulp and Jake task auto detection has been found in Visual Studio Code before version 1.57.0.
CVE-2021-31211 AVG-1963 Medium Yes Arbitrary code execution
An arbitrary code execution vulnerability through crafted remote terminal settings has been found in Visual Studio Code before version 1.57.0.
CVE-2021-28477 AVG-1819 High Yes Arbitrary code execution
An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28475 AVG-1819 High No Arbitrary code execution
An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28473 AVG-1819 High No Arbitrary code execution
An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28471 AVG-1819 High Yes Arbitrary code execution
A remote code execution vulnerability has been found in the Remote Development extension for Visual Studio Code before version 1.56.0.
CVE-2021-28469 AVG-1819 High No Arbitrary code execution
An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28457 AVG-1819 High No Arbitrary code execution
An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-27064 AVG-1820 High No Privilege escalation
An elevation of privilege vulnerability has been found in the Visual Studio Installer.

Advisories

Date Advisory Group Severity Type
20 Jul 2021 ASA-202107-34 AVG-1963 Medium arbitrary code execution