Vulnerabilities > CVE-2021-29658 - Unspecified vulnerability in Vscode-Rufo Project Vscode-Rufo 0.0.1/0.0.2/0.0.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace folder.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
References
- https://github.com/jnbt/vscode-rufo/commit/bc0d212436f76d12cbdab287802fa5bc743f818a
- https://github.com/jnbt/vscode-rufo/commit/bc0d212436f76d12cbdab287802fa5bc743f818a
- https://marketplace.visualstudio.com/items/jnbt.vscode-rufo/changelog
- https://marketplace.visualstudio.com/items/jnbt.vscode-rufo/changelog
- https://vuln.ryotak.me/advisories/8
- https://vuln.ryotak.me/advisories/8