Vulnerability Details CVE-2019-0728
A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.116
EPSS Ranking 93.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- http://seclists.org/fulldisclosure/2019/Apr/38
- http://www.openwall.com/lists/oss-security/2019/04/30/4
- http://www.securityfocus.com/bid/106913
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728
- http://seclists.org/fulldisclosure/2019/Apr/38
- http://www.openwall.com/lists/oss-security/2019/04/30/4
- http://www.securityfocus.com/bid/106913
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728
Products affected by CVE-2019-0728
-
cpe:2.3:a:microsoft:visual_studio_code:-