[security] Vulnerability in Visual Studio Code Go extension
27 views
Skip to first unread message
Roland Shoemaker
11:11 AM (4 hours ago) 11:11 AM
to golang-...@googlegroups.com
Hello gophers,
We have released versions v0.52.1 (regular) and v0.53.0 (pre-release) of the Visual Studio Code vscode-go extension (also known as vscode-go) in order to address a security issue.
This release fixes unexpected behavior when operating in Restricted Mode. To prevent accidental untrusted code execution, the extension is now disabled in Restricted Mode.
This is CVE-2025-68120.
We have released versions v0.52.1 (regular) and v0.53.0 (pre-release) of the Visual Studio Code vscode-go extension (also known as vscode-go) in order to address a security issue.
This release fixes unexpected behavior when operating in Restricted Mode. To prevent accidental untrusted code execution, the extension is now disabled in Restricted Mode.
This is CVE-2025-68120.
Visual Code Studio should automatically update the extension to the new version, if it is installed. To manually update the extension see https://code.visualstudio.com/docs/configure/extensions/extension-marketplace#_update-an-extension-manually.
Cheers,
Go Security Team
Reply all
Reply to author
Forward
0 new messages