Description
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system
Remediation
References
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13279.json
https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/170
Related Vulnerabilities
CVE-2020-2182 Vulnerability in maven package org.jenkins-ci.plugins:credentials-binding
CVE-2023-22457 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui
CVE-2019-17513 Vulnerability in maven package io.ratpack:ratpack-core
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty.http2:http2-hpack
CVE-2021-31404 Vulnerability in maven package com.vaadin:flow-server