PT-2022-10063 · MongoDB · MongoDB Extension for VS Code

Published: 2022-01-20 · Updated: 2024-09-17 · CVE-2021-32039

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

MongoDB Extension for VS Code versions prior to 0.7.0

Description

The issue allows users with appropriate file access to obtain unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials can be used by malicious attackers to perform unauthorized actions.

Recommendations

For versions prior to 0.7.0, update to version 0.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the binary file that stores user credentials to minimize the risk of exploitation.
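
To find installs that still need the update, the check below (an added example, not part of the advisory or MongoDB's code) reads `code --list-extensions --show-versions` output and reports versions prior to 0.7.0. The Marketplace ID `mongodb.mongodb-vscode` is an assumption not stated on this page, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: flag MongoDB for VS Code installs older than the fixed release.
EXT_ID="mongodb.mongodb-vscode"   # assumption: Marketplace ID, not given on the page
FIXED="0.7.0"                     # first fixed version per the advisory

# version_lt A B: succeed when dotted version A is strictly lower than B.
# Components are compared numerically, so 0.10.1 is not treated as < 0.7.0.
version_lt() {
    va=$1 vb=$2
    for i in 1 2 3; do
        a=${va%%.*}; b=${vb%%.*}
        a=${a%%[!0-9]*}; b=${b%%[!0-9]*}   # drop suffixes such as "-beta"
        [ "${a:-0}" -lt "${b:-0}" ] && return 0
        [ "${a:-0}" -gt "${b:-0}" ] && return 1
        case $va in *.*) va=${va#*.} ;; *) va=0 ;; esac
        case $vb in *.*) vb=${vb#*.} ;; *) vb=0 ;; esac
    done
    return 1
}

# find_vulnerable: read "publisher.name@version" lines on stdin and print
# the version of every affected install of the extension.
find_vulnerable() {
    while IFS=@ read -r id ver; do
        id=$(printf '%s' "$id" | tr 'A-Z' 'a-z')   # IDs are case-insensitive
        [ "$id" = "$EXT_ID" ] || continue
        if version_lt "$ver" "$FIXED"; then
            printf '%s\n' "$ver"
        fi
    done
}

# Constructed sample listing; on a workstation, pipe in the real one:
#   code --list-extensions --show-versions | find_vulnerable
printf '%s\n' \
    'ms-python.python@2021.12.1559732655' \
    'mongodb.mongodb-vscode@0.6.14' | find_vulnerable
```

An empty result means no affected version was listed for that VS Code profile.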

Weakness Enumeration

Insufficiently Protected Credentials

Related Identifiers

BIT-MONGODB-2021-32039
CVE-2021-32039

Affected Products

MongoDB Extension for VS Code