Skip to content

Unconfirmed Remote Host Connection via Workspace File #320645

Description

@alexdima

VS Code - Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in VS Code 1.123.0 and earlier versions where a user who is tricked into opening a crafted .code-workspace file containing a direct host:port remote authority could have their extension host backend silently connected to an attacker-controlled server without confirmation.

Patches

The fix is available starting with VS Code 1.123.1. The fix (9505d0f) mitigates this by prompting the user for confirmation before connecting to any non-loopback remote host:port authority.

Workarounds

Avoid opening .code-workspace files from untrusted sources.

References

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions