Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Cybersecurity researchers have disclosed details of a now-patched bug in Open VSX’s pre-publish scanning pipeline that could allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry.
“The pipeline had a single boolean return value that meant both ‘no scanners are configured’ and ‘all scanners failed to run,’” Koi
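
The ambiguity described in the quote, as an added example that is not from the original article or from Open VSX's code: a simplified Python model of a publish gate, first with one boolean covering both states and then with a separate value for each. All function names, the `Outcome` enum and the sample scanners are hypothetical, and treating "no scanners configured" as publishable is an assumed policy.

```python
from enum import Enum

class ScannerUnavailable(Exception):
    """A scanner could not run at all (constructed failure type)."""

Outcome = Enum("Outcome", "CLEAN FLAGGED NOT_CONFIGURED SCAN_ERROR")

def collect_verdicts(scanners, package):
    """Run each scanner; keep verdicts (True = flagged) only from those that completed."""
    verdicts = []
    for scan in scanners:
        try:
            verdicts.append(bool(scan(package)))
        except ScannerUnavailable:
            continue
    return verdicts

def gate_ambiguous(scanners, package):
    """Fail-open model: returns True when the package may be published."""
    verdicts = collect_verdicts(scanners, package)
    nothing_to_check = not verdicts  # one boolean: no scanners configured OR all failed to run
    return nothing_to_check or not any(verdicts)

def gate_explicit(scanners, package):
    """Fail-closed model: every state gets its own value."""
    if not scanners:
        return Outcome.NOT_CONFIGURED
    verdicts = collect_verdicts(scanners, package)
    if any(verdicts):
        return Outcome.FLAGGED
    if len(verdicts) < len(scanners):
        return Outcome.SCAN_ERROR  # a configured scanner did not run: hold for retry or review
    return Outcome.CLEAN

def may_publish(outcome):
    # Assumed policy: an unconfigured registry publishes; errors and flags never do.
    return outcome in (Outcome.CLEAN, Outcome.NOT_CONFIGURED)

# Constructed sample scanners for the demonstration.
def clean_scanner(package): return False
def flagging_scanner(package): return True
def unavailable_scanner(package): raise ScannerUnavailable("scanner did not run")

if __name__ == "__main__":
    cases = {"none configured": [], "all failed": [unavailable_scanner],
             "flagged": [flagging_scanner], "clean": [clean_scanner]}
    for name, scanners in cases.items():
        outcome = gate_explicit(scanners, "sample.vsix")
        print(name, gate_ambiguous(scanners, "sample.vsix"), outcome.name, may_publish(outcome))
```

In the ambiguous gate the "all failed" case publishes exactly like "none configured"; in the explicit gate it returns `SCAN_ERROR` and is held.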
