CVE-2021-29261

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-29261

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29261.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-29261

Withdrawn

2024-09-03T04:41:30.011668Z

Published

2021-04-05T07:15:14Z

Modified

2024-09-02T01:11:09.146331Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration.

References

Affected packages

Git / github.com/sveltejs/language-tools

Affected ranges

Type: GIT
Repo: https://github.com/sveltejs/language-tools
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5d7bf1fd98bfe2cd2080863a3c95ce099b898075

Affected versions

100.*

100.0.0

100.0.1

100.0.2

100.1.0

101.*

101.0.0

101.1.0

101.1.1

101.10.0

101.11.0

101.11.1

101.12.0

101.12.1

101.12.2

101.13.0

101.13.1

101.14.0

101.2.0

101.3.0

101.4.0

101.5.0

101.6.0

101.7.0

101.7.1

101.8.0

101.9.0

101.9.1

101.9.2

101.9.3

102.*

102.0.0

102.1.0

102.1.1

102.2.0

102.3.0

102.4.0

102.5.0

102.5.1

102.6.0

102.7.0

102.8.0

103.*

103.0.0

104.*

104.0.0

104.1.0

104.1.1

extensions-104.*

extensions-104.2.1

extensions-104.3.0

extensions-104.4.0

extensions-104.4.1

extensions-104.4.2

extensions-104.4.3

extensions-104.4.4

extensions-104.5.0

extensions-104.6.0

extensions-104.6.1

extensions-104.6.2

extensions-104.6.3

extensions-104.6.4

extensions-104.7.0

svelte-check-1.*

svelte-check-1.1.31

svelte-check-1.1.32

svelte-check-1.1.33

svelte-check-1.1.34

svelte-check-1.1.35

svelte-check-1.1.36

svelte-check-1.2.0

svelte-check-1.2.1

svelte-check-1.2.2

svelte-check-1.2.3

svelte-check-1.2.4

svelte-check-1.2.5

svelte-check-1.2.6