vscode-stripe is an extension for Visual Studio Code. A vulnerability in Stripe for Visual Studio Code extension exists when it loads an untrusted source-code repository containing malicious settings. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. The update addresses the vulnerability by modifying the way the extension validates its settings.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-04-01T21:40:10
Updated: 2024-08-03T18:09:16.106Z
Reserved: 2020-12-22T00:00:00
Link: CVE-2021-21420
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-04-01T22:15:11.887
Modified: 2024-11-21T05:48:19.530
Link: CVE-2021-21420
Redhat
No data.