Oct 2024: Visual Studio Code for Linux Remote Code Execution Vulnerability
CVE-2024-43601 Published on October 8, 2024

Visual Studio Code for Linux Remote Code Execution Vulnerability
Visual Studio Code for Linux Remote Code Execution Vulnerability

Vendor Advisory NVD

Weakness Type

What is a Command Injection Vulnerability?

The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

CVE-2024-43601 has been classified to as a Command Injection vulnerability or weakness.

Products Associated with CVE-2024-43601

stack.watch emails you whenever new vulnerabilities are published in Microsoft Visual Studio Code or Microsoft Visual Studio Code For Linux. Just hit a watch button to start following.

Microsoft Visual Studio Code

Microsoft Visual Studio Code For Linux

Affected Versions

Microsoft Visual Studio Code for Linux:

Version 1.0.0 and below 1.94.1 is affected.

Exploit Probability

EPSS

1.00%

Percentile

58.19%