vulnerability

FreeBSD: VID-f0250129-fdb8-41ed-aa9e-661ff5026845 (CVE-2023-33144): vscode -- VS Code Information Disclosure Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:M/Au:S/C:C/I:C/A:N)	Jun 13, 2023	Jun 14, 2023	Dec 10, 2025

Severity

CVSS

(AV:L/AC:M/Au:S/C:C/I:C/A:N)

Published

Jun 13, 2023

Added

Jun 14, 2023

Modified

Dec 10, 2025

Description

VSCode developers reports: VS Code Information Disclosure Vulnerability A information disclosure vulnerability exists in VS Code 1.79.0 and earlier versions on Windows when file system operations are performed on malicious UNC paths. Examples include reading or resolving metadata of such paths. An authorised attacker must send the user a malicious file and convince the user to open it for the vulnerability to occur. Exploiting this vulnerability could allow the disclosure of NTLM hashes.

Solution

freebsd-upgrade-package-vscode

References

CVE-2023-33144
https://attackerkb.com/topics/CVE-2023-33144
CWE-23

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today