A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'.Referenceshttp://www.securityfocus.com/bid/106913https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728http://www.openwall.com/lists/oss-security/2019/04/30/4http://seclists.org/fulldisclosure/2019/Apr/38
