CVE-2024-7738

Name of the Vulnerable Software and Affected Versions yzane vscode-markdown-pdf version 1.5.0

Description A problematic issue has been found in the Markdown File Handler component, leading to pathname traversal. The manipulation requires a local attack. The exploit has been disclosed to the public and may be used.

Recommendations For yzane vscode-markdown-pdf version 1.5.0, consider disabling the Markdown File Handler component until a patch is available to prevent pathname traversal attacks. Restrict local access to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.