Moderate severityNVD Advisory· Published Feb 18, 2022· Updated Aug 2, 2024
CVE-2022-0672
CVE-2022-0672
Description
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.eclipse.lemminx:lemminx-parentMaven | < 0.19.0 | 0.19.0 |
Affected products
2- LemMinX/LemMinXdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-hrxv-694f-22g3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-0672ghsaADVISORY
- github.com/eclipse/lemminx/blob/master/CHANGELOG.mdghsax_refsource_MISCWEB
- github.com/eclipse/lemminx/commit/076b88052c2a63f60a98ef4b45e3e38c217b70aeghsaWEB
- github.com/eclipse/lemminx/pull/1174ghsaWEB
News mentions
0No linked articles in our index yet.