High severity8.8NVD Advisory· Published Mar 22, 2021· Updated Jun 17, 2026
CVE-2021-28956
CVE-2021-28956
Description
The unofficial vscode-sass-lint (aka Sass Lint) extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Visual Studio Code/vscode-sass-lintdescription
- Range: <=1.0.7
Patches
Vulnerability mechanics
References
4- github.com/glen-84/vscode-sass-lint/compare/v1.0.6...v1.0.7nvdPatchRelease NotesThird Party Advisory
- github.com/glen-84/vscode-sass-lint/releasesnvdRelease NotesThird Party Advisory
- marketplace.visualstudio.com/items/glen-84.sass-lint/changelognvdRelease NotesVendor Advisory
- vuln.ryotak.me/advisories/1nvdThird Party Advisory
News mentions
0No linked articles in our index yet.