First published: Tue Jul 11 2023(Updated: )
Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Github Pull Requests And Issues | <0.66.2 | |
Microsoft Visual Studio Code - GitHub Pull Requests and Issues Extension |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-36867 is a Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability.
CVE-2023-36867 vulnerability has a severity level of high (7).
The Visual Studio Code GitHub Pull Requests and Issues Extension version 0.66.2 and prior are affected by CVE-2023-36867 vulnerability.
To fix CVE-2023-36867 vulnerability, update the Visual Studio Code GitHub Pull Requests and Issues Extension to a version higher than 0.66.2.
You can find more information about CVE-2023-36867 vulnerability at the Microsoft Security Response Center (MSRC) website.