Rohit Kumar

**Name of the Vulnerable Software and Affected Versions** Wiz Code Visual Studio Code extension versions 1.0.0 through 1.5.3 Wiz (legacy) Visual Studio Code extension versions 0.13.0 through 0.17.8 **Description** The issue allows for local command injection when a user opens a maliciously crafted Dockerfile in a "trusted folder" within Visual Studio Code and initiates a manual scan of the file. **Recommendations** For Wiz Code Visual Studio Code extension versions 1.0.0 through 1.5.3, update to a version outside of this range to resolve the issue. For Wiz (legacy) Visual Studio Code extension versions 0.13.0 through 0.17.8, update to a version outside of this range to resolve the issue. As a temporary workaround, consider avoiding the use of manual scans on Dockerfiles from untrusted sources until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Samsung Health versions prior to 6.20.1.005 **Description** The issue is related to improper session management, which prevents users from logging out of the Samsung Health App. **Recommendations** For versions prior to 6.20.1.005, update to version 6.20.1.005 or later to resolve the issue.