QwikSec

Security Database

CVE

CWE

Training

CVE-2021-28956

Published: Mar 22, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/glen-84/vscode-sass-lint/releases

x_refsource_MISC

https://marketplace.visualstudio.com/items/glen-84.sass-lint/changelog

x_refsource_MISC

https://github.com/glen-84/vscode-sass-lint/compare/v1.0.6...v1.0.7

x_refsource_MISC

https://vuln.ryotak.me/advisories/1

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.