Amazon · Amazon Q Developer Visual Studio Code Extension · CVE-2025-8217
**Name of the Vulnerable Software and Affected Versions**
Amazon Q Developer Visual Studio Code (VS Code) extension version 1.84.0
**Description**
The Amazon Q Developer Visual Studio Code (VS Code) extension v1.84.0 contains injected code intended to call the Q Developer CLI. This code executes upon extension launch but contains a syntax error, preventing a successful API call.
**Recommendations**
Upgrade to version 1.85.0.
Remove all installations of version 1.84.0.