Description

To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.

Related CPE's

a

go

go

*

*

*

*

*

visual_studio_code

Vulnerable

References

https://groups.google.com/g/golang-dev/c/CHG4qfcicBU/m/4tanFUymDQAJ

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2025-68120

Third Party Advisory

https://pkg.go.dev/vuln/GO-2025-4249

Vendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

5.4 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2025-12-30T00:15:52.333Z

2 weeks ago

Last modified

2026-01-06T16:17:16.943Z

1 week ago