PT-2022-2656 · Microsoft · Visual Studio Code
Thomas Chauchefoin
·
Published
2022-05-10
·
Updated
2025-01-02
·
CVE-2022-30129
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Visual Studio Code versions prior to 1.67.1
Description
The vulnerability in Visual Studio Code is related to insufficient input validation. Exploitation of this issue may allow a remote attacker to execute arbitrary code.
Recommendations
For versions prior to 1.67.1, update to version 1.67.1 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable features or modules in Visual Studio Code until a patch is applied.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Visual Studio Code