I was finally credited for CVE-2019-1414, a local command execution in Visual Studio Code that could have been used for privilege escalation purposes. Thanks to @msftsecresponse for updating the advisory. :) https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1414 …
-
-
No worries Tavis! I am simply honored to be mentioned in the credits with you. :)
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Btw nice research
@taviso, looks incredible it went unnoticed for such a long time
-
Personally I saw by chance the entire vscode command line via htop and because I spent long time as NodeJS dev I was already aware of the meaning of the `--inspect` switch.https://nodejs.org/en/docs/guides/debugging-getting-started/ …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.