May 2020:
CVE-2020-1171 Published on May 21, 2020
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192.
Products Associated with CVE-2020-1171
stack.watch emails you whenever new vulnerabilities are published in Microsoft Visual Studio Code or Microsoft Python. Just hit a watch button to start following.
Affected Versions
Microsoft Visual Studio Code Version unspecified is affected by CVE-2020-1171Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.