code - Arch Linux

code - Arch Linux

Open

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2155	1.58.0-1		Medium	Vulnerable

Issue	Group	Severity	Remote	Type	Description
CVE-2021-34529	AVG-2155	Medium	No	Arbitrary code execution	Visual Studio Code Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34528.
CVE-2021-34528	AVG-2155	Medium	Yes	Arbitrary code execution	A security issue has been found in Visual Studio Code. Using Git in untrusted workspaces could lead to arbitrary code execution. This CVE ID is unique from...
CVE-2021-34479	AVG-2155	Medium	No	Content spoofing	A security issue has been found in Microsoft Visual Studio. Guessable nonces in WebView could be abused for content spoofing.
CVE-2021-34477	AVG-2155	Medium	No	Privilege escalation	Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability.

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-1963	1.56.2-3	1.58.0-1	Medium	Fixed
AVG-1820	1.54.3-3		High	Not affected
AVG-1819	1.55.2-1	1.56.2-1	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2021-31214	AVG-1963	Medium	No	Arbitrary code execution	An arbitrary code execution vulnerability in the Grunt, Gulp and Jake task auto detection has been found in Visual Studio Code before version 1.57.0.
CVE-2021-31211	AVG-1963	Medium	Yes	Arbitrary code execution	An arbitrary code execution vulnerability through crafted remote terminal settings has been found in Visual Studio Code before version 1.57.0.
CVE-2021-28477	AVG-1819	High	Yes	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28475	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28473	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28471	AVG-1819	High	Yes	Arbitrary code execution	A remote code execution vulnerability has been found in the Remote Development extension for Visual Studio Code before version 1.56.0.
CVE-2021-28469	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-28457	AVG-1819	High	No	Arbitrary code execution	An arbitrary code execution vulnerability has been found in Visual Studio Code before version 1.56.0.
CVE-2021-27064	AVG-1820	High	No	Privilege escalation	An elevation of privilege vulnerability has been found in the Visual Studio Installer.

Advisories

Date	Advisory	Group	Severity	Type
20 Jul 2021	ASA-202107-34	AVG-1963	Medium	arbitrary code execution