FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7913fe6d-2c6e-40ba-a7d7-35696f3db2b6	vscode -- Visual Studio Code Information Disclosure Vulnerability secure@microsoft.com reports: Visual Studio Code Information Disclosure Vulnerability A information disclosure vulnerability exists in VS Code 1.78.0 and earlier versions on Windows when file system operations are performed on malicious UNC paths. Examples include reading or resolving metadata of such paths. An authorised attacker must send the user a malicious file and convince the user to open it for the vulnerability to occur. Exploiting this vulnerability could allow the disclosure of NTLM hashes. Discovery 2023-05-09 Entry 2023-05-10 vscode < 1.78.1 CVE-2023-29338 https://nvd.nist.gov/vuln/detail/CVE-2023-29338 https://github.com/microsoft/vscode/security/advisories/GHSA-mmfh-4pv3-39hr

VuXML ID

Description

7913fe6d-2c6e-40ba-a7d7-35696f3db2b6

vscode -- Visual Studio Code Information Disclosure Vulnerability

secure@microsoft.com reports:

Visual Studio Code Information Disclosure Vulnerability

A information disclosure vulnerability exists in VS Code 1.78.0 and earlier versions on Windows when file system operations are performed on malicious UNC paths. Examples include reading or resolving metadata of such paths. An authorised attacker must send the user a malicious file and convince the user to open it for the vulnerability to occur. Exploiting this vulnerability could allow the disclosure of NTLM hashes.

Discovery 2023-05-09
Entry 2023-05-10
vscode

< 1.78.1

CVE-2023-29338
https://nvd.nist.gov/vuln/detail/CVE-2023-29338
https://github.com/microsoft/vscode/security/advisories/GHSA-mmfh-4pv3-39hr