CVE-2021-28832

High

7.8/10

Summary

VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Apr 05, 2021