CNNVD-202507-3761 Information

CNNVD ID

CNNVD-202507-3761

Related CVE

CVE-2025-8217

• CNNVD Published: 2025-07-30

Description (Chinese)

Amazon Q Developer Visual Studio Code extension是美国亚马逊（Amazon）公司的一款VS Code中的扩展。 Amazon Q Developer Visual Studio Code extension v1.84.0版本存在安全漏洞，该漏洞源于注入代码语法错误导致API调用失败。

Description (English)

Amazon Q Developer Vital Studio Code extension is an extension of VS Code of Amazon America. A security loophole exists in the version Amazon Q Developer Video Code export v1.84.0, which results from a code grammatical error that caused the API call failure.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

亚马逊

Published

2025-07-30

Last Modified

2026-02-24

References

https://github.com/aws/aws-toolkit-vscode/security/advisories/GHSA-7g7f-ff96-5gcw https://aws.amazon.com/security/security-bulletins/AWS-2025-015/ https://access.redhat.com/security/cve/cve-2025-8217

Patch

https://github.com/aws/aws-toolkit-vscode/releases