Vulnerabilities > CVE-2021-28793 - Incorrect Authorization vulnerability in Lextudio Restructuredtext

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

lextudio

CWE-863

critical

NVD

Published: 2021-04-20

Updated: 2021-04-23

Summary

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration.

Vulnerable Configurations

Part	Description	Count
Application	Lextudio Lextudio Restructuredtext - Lextudio Restructuredtext 0.0.1 Lextudio Restructuredtext 0.0.2 Lextudio Restructuredtext 0.0.3 Lextudio Restructuredtext 0.0.4 Lextudio Restructuredtext 0.0.5 Lextudio Restructuredtext 0.0.6 Lextudio Restructuredtext 0.0.7 Lextudio Restructuredtext 0.0.8 Lextudio Restructuredtext 0.0.9 Lextudio Restructuredtext 0.0.10 Lextudio Restructuredtext 0.0.11 Lextudio Restructuredtext 0.0.12 Lextudio Restructuredtext 0.0.13 Lextudio Restructuredtext 0.0.14 Lextudio Restructuredtext 0.0.15 Lextudio Restructuredtext 0.0.16 Lextudio Restructuredtext 0.0.17 Lextudio Restructuredtext 0.0.18 Lextudio Restructuredtext 0.0.19 Lextudio Restructuredtext 0.0.20 Lextudio Restructuredtext 0.0.21 Lextudio Restructuredtext 0.0.22 Lextudio Restructuredtext 0.0.23 Lextudio Restructuredtext 24.0 Lextudio Restructuredtext 25.0 Lextudio Restructuredtext 26.0 Lextudio Restructuredtext 27.0.0 Lextudio Restructuredtext 28.0.0 Lextudio Restructuredtext 29.0.0 Lextudio Restructuredtext 30.0.0 Lextudio Restructuredtext 31.0.0 Lextudio Restructuredtext 32.0.0 Lextudio Restructuredtext 33.0.0 Lextudio Restructuredtext 34.0.0 Lextudio Restructuredtext 35.0.0 Lextudio Restructuredtext 36.0.0 Lextudio Restructuredtext 37.0.0 Lextudio Restructuredtext 38.0.0 Lextudio Restructuredtext 39.0.0 Lextudio Restructuredtext 40.0.0 Lextudio Restructuredtext 41.0.0 Lextudio Restructuredtext 42.0.0 Lextudio Restructuredtext 43.0.0 Lextudio Restructuredtext 44.0.0 Lextudio Restructuredtext 45.0.0 Lextudio Restructuredtext 46.0.0 Lextudio Restructuredtext 47.0.0 Lextudio Restructuredtext 48.0.0 Lextudio Restructuredtext 49.0.0 Lextudio Restructuredtext 50.0.0 Lextudio Restructuredtext 51.0.0 Lextudio Restructuredtext 52.0.0 Lextudio Restructuredtext 53.0.0 Lextudio Restructuredtext 54.0.0 Lextudio Restructuredtext 55.0.0 Lextudio Restructuredtext 56.0.0 Lextudio Restructuredtext 57.0.0 Lextudio Restructuredtext 58.0.0 Lextudio Restructuredtext 59.0.0 Lextudio Restructuredtext 60.0.0 Lextudio Restructuredtext 61.0.0 Lextudio Restructuredtext 62.0.0 Lextudio Restructuredtext 63.0.0 Lextudio Restructuredtext 64.0.0 Lextudio Restructuredtext 65.0.0 Lextudio Restructuredtext 66.0.0 Lextudio Restructuredtext 67.0.0 Lextudio Restructuredtext 68.0.0 Lextudio Restructuredtext 69.0.0 Lextudio Restructuredtext 70.0.0 Lextudio Restructuredtext 71.0.0 Lextudio Restructuredtext 72.0.0 Lextudio Restructuredtext 73.0.0 Lextudio Restructuredtext 74.0.0 Lextudio Restructuredtext 75.0.0 Lextudio Restructuredtext 76.0.0 Lextudio Restructuredtext 77.0.0 Lextudio Restructuredtext 78.0.0 Lextudio Restructuredtext 79.0.0 Lextudio Restructuredtext 80.0.0 Lextudio Restructuredtext 81.0.0 Lextudio Restructuredtext 82.0.0 Lextudio Restructuredtext 83.0.0 Lextudio Restructuredtext 84.0.0 Lextudio Restructuredtext 85.0.0 Lextudio Restructuredtext 86.0.0 Lextudio Restructuredtext 87.0.0 Lextudio Restructuredtext 88.0.0 Lextudio Restructuredtext 89.0.0 Lextudio Restructuredtext 90.0.0 Lextudio Restructuredtext 91.0.0 Lextudio Restructuredtext 92.0.0 Lextudio Restructuredtext 93.0.0 Lextudio Restructuredtext 94.0.0 Lextudio Restructuredtext 95.0.0 Lextudio Restructuredtext 96.0.0 Lextudio Restructuredtext 97.0.0 Lextudio Restructuredtext 98.0.0 Lextudio Restructuredtext 99.0.0 Lextudio Restructuredtext 100.0.0 Lextudio Restructuredtext 101.0.0 Lextudio Restructuredtext 102.0.0 Lextudio Restructuredtext 103.0.0 Lextudio Restructuredtext 104.0.0 Lextudio Restructuredtext 105.0.0 Lextudio Restructuredtext 106.0.0 Lextudio Restructuredtext 107.0.0 Lextudio Restructuredtext 108.0.0 Lextudio Restructuredtext 109.0.0 Lextudio Restructuredtext 110.0.0 Lextudio Restructuredtext 111.0.0 Lextudio Restructuredtext 112.0.0 Lextudio Restructuredtext 113.0.0 Lextudio Restructuredtext 114.0.0 Lextudio Restructuredtext 115.0.0 Lextudio Restructuredtext 116.0.0 Lextudio Restructuredtext 117.0.0 Lextudio Restructuredtext 118.0.0 Lextudio Restructuredtext 119.0.0 Lextudio Restructuredtext 120.0.0 Lextudio Restructuredtext 121.0.0 Lextudio Restructuredtext 122.0.0 Lextudio Restructuredtext 123.0.0 Lextudio Restructuredtext 124.0.0 Lextudio Restructuredtext 125.0.0 Lextudio Restructuredtext 126.0.0 Lextudio Restructuredtext 127.0.0 Lextudio Restructuredtext 128.0.0 Lextudio Restructuredtext 129.0.0 Lextudio Restructuredtext 130.0.0 Lextudio Restructuredtext 131.0.0 Lextudio Restructuredtext 132.0.0 Lextudio Restructuredtext 133.0.0 Lextudio Restructuredtext 134.0.0 Lextudio Restructuredtext 135.0.0 Lextudio Restructuredtext 136.0.0 Lextudio Restructuredtext 137.0.0 Lextudio Restructuredtext 138.0.0 Lextudio Restructuredtext 139.0.0 Lextudio Restructuredtext 140.0.0 Lextudio Restructuredtext 141.0.0 Lextudio Restructuredtext 142.0.0 Lextudio Restructuredtext 143.0.0 Lextudio Restructuredtext 144.0.0 Lextudio Restructuredtext 145.0.0 Lextudio Restructuredtext 146.0.0	147

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References