[manjaro-security] [ASA-202107-34] code: arbitrary code execution
Jonas Witschel via arch-security
arch-security at lists.archlinux.org
Tue Jul 20 21:29:46 CEST 2021
Arch Linux Security Advisory ASA-202107-34
Date : 2021-07-20
CVE-ID : CVE-2021-31211 CVE-2021-31214
Package : code
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-1963
The package code before version 1.58.0-1 is vulnerable to arbitrary
Upgrade to 1.58.0-1.
# pacman -Syu "code>=1.58.0-1"
The problems have been fixed upstream in version 1.58.0.
- CVE-2021-31211 (arbitrary code execution)
An arbitrary code execution vulnerability through crafted remote
terminal settings has been found in Visual Studio Code before version
- CVE-2021-31214 (arbitrary code execution)
An arbitrary code execution vulnerability in the Grunt, Gulp and Jake
task auto detection has been found in Visual Studio Code before version
An attacker could execute arbitrary code through crafted remote
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the manjaro-security