PT-2020-4390 · Microsoft · Visual Studio Code

Published: 2020-10-13 · Updated: 2023-12-31 · CVE-2020-16977

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Visual Studio Code (affected versions not specified)
Description: A remote code execution issue exists when the Python extension loads a Jupyter notebook file, allowing an attacker to run arbitrary code in the context of the current user. If the user has administrative rights, the attacker could take control of the system, install programs, view, change, or delete data, or create new accounts. To exploit this, an attacker must convince a target to open a specially crafted file in Visual Studio Code with the Python extension installed.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Code Injection

Related Identifiers

BDU:2020-04903
CVE-2020-16977

Affected Products

Visual Studio Code