Vulnerabilities > CVE-2021-28956 - Unspecified vulnerability in Sass Lint Project Sass Lint

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
sass-lint-project

Summary

The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Vulnerable Configurations

Part Description Count
Application
Sass_Lint_Project
1