Users with appropriate file access may be able to access unencrypted user credentials saved by MongoDB Extension for VS Code in a binary file. These credentials may be used by malicious attackers to perform unauthorized actions. This vulnerability affects all MongoDB Extension for VS Code including and prior to version 0.7.0
{
"cpe": "cpe:2.3:a:mongodb:mongodb:*:*:*:*:*:visual_studio_code:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "0.7.0"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}