Description
A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project, aka 'Visual Studio Code ESLint Extention Remote Code Execution Vulnerability'.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Visual Studio Code ESLint extension | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Wed, 20 Aug 2025 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Microsoft eslint
|
|
| CPEs | cpe:2.3:a:microsoft:eslint:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Microsoft visual Studio Code Eslint Extension
|
Microsoft eslint
|
MITRE
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2024-08-04T06:39:09.682Z
Reserved: 2019-11-04T00:00:00.000Z
Link: CVE-2020-1481
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-14T23:15:20.997
Modified: 2025-08-20T13:05:15.427
Link: CVE-2020-1481
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses