[ASA-202107-34] code: arbitrary code execution
diabonas at archlinux.org
Tue Jul 20 19:29:46 UTC 2021
Arch Linux Security Advisory ASA-202107-34
Date : 2021-07-20
CVE-ID : CVE-2021-31211 CVE-2021-31214
Package : code
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-1963
The package code before version 1.58.0-1 is vulnerable to arbitrary
Upgrade to 1.58.0-1.
# pacman -Syu "code>=1.58.0-1"
The problems have been fixed upstream in version 1.58.0.
- CVE-2021-31211 (arbitrary code execution)
An arbitrary code execution vulnerability through crafted remote
terminal settings has been found in Visual Studio Code before version
- CVE-2021-31214 (arbitrary code execution)
An arbitrary code execution vulnerability in the Grunt, Gulp and Jake
task auto detection has been found in Visual Studio Code before version
An attacker could execute arbitrary code through crafted remote
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the arch-security