Microsoft Workspace Tools
By the Year
In 2024 there have been 0 vulnerabilities in Microsoft Workspace Tools . Workspace Tools did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 9.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Workspace Tools vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Workspace Tools Security Vulnerabilities
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection
CVE-2022-25865
9.8 - Critical
- May 13, 2022
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
Argument Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Workspace Tools or by Microsoft? Click the Watch button to subscribe.
