Glad this was found due to the open source nature of vscode, who knows how long something like this could have festered if someone malicious found it via decompiling and reverse engineering.

Open source is great at finding vonurabilities fast and fixing them, but I can understand the idea behind closed source code taking longer to find but longer to become public, and be fixed