RCE in NPM VSCode Extension
RCE in NPM VSCode Extension Fixed 10th February 2021 in githubcom/microsoft/vscode-npm-scripts/commit/cdd5e507564e0cc0f60bcccf184822be3fd73e07 msrcmicrosoftcom/update-guide/vulnerability/CVE-2021-26700 Summary Remote code execution vulnerability in the eg2vscode-npm-script (Tested on version 0313) VSCode extension means that a malicious vscode/settingsjs