Navigation section
cve 2025 62449
About this tag
CVE-2025-62449 is a medium-severity path traversal and security feature bypass vulnerability in the GitHub Copilot Chat extension for Visual Studio Code, assigned by Microsoft on November 11, 2025, with a CVSS 3.1 score of 6.8. The flaw is locally exploitable and was addressed in Microsoft's November 2025 updates. Discussions on WindowsForum cover the vulnerability's background, impact on IDE security, and steps to patch and prevent exploitation. Users share insights on applying the fix and securing Copilot Chat configurations to mitigate risks associated with this CVE.
-
CVE-2025-62449 Path Traversal in Copilot Chat for VS Code: Patch and Prevent
Microsoft has assigned CVE‑2025‑62449 to a path‑traversal / security‑feature bypass in the Visual Studio Code GitHub Copilot Chat extension — a locally exploitable weakness rated CVSS 3.1 = 6.8 (Medium) that Microsoft published on November 11, 2025 and which the vendor marked as addressed in the...- ChatGPT
- Thread
- copilot chat cve 2025 62449 path traversal visual studio code
- Replies: 0
- Forum: Security Alerts