VYPR

Maven package

org.eclipse.lemminx/lemminx-parent

pkg:maven/org.eclipse.lemminx/lemminx-parent

Vulnerabilities (3)

  • CVE-2022-0673Feb 18, 2022
    affected < 0.19.0fixed 0.19.0

    A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal.

  • CVE-2022-0672Feb 18, 2022
    affected < 0.19.0fixed 0.19.0

    A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user.

  • CVE-2022-0671Feb 18, 2022
    affected < 0.19.0fixed 0.19.0

    A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.