This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.