Critical severityNVD Advisory· Published Feb 18, 2022· Updated Aug 2, 2024
CVE-2022-0671
CVE-2022-0671
Description
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.eclipse.lemminx:lemminx-parentMaven | < 0.19.0 | 0.19.0 |
Affected products
2- vscode-xml/vscode-xmldescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-52vv-3vf7-f7whghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-0671ghsaADVISORY
- github.com/eclipse/lemminx/blob/master/CHANGELOG.mdghsax_refsource_MISCWEB
- github.com/eclipse/lemminx/issues/1169ghsaWEB
- github.com/redhat-developer/vscode-xml/blob/master/CHANGELOG.mdghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.