Описание
Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.
Пакеты
Наименование
org.eclipse.lemminx:lemminx-parent
maven
Затронутые версииВерсия исправления
< 0.19.0
0.19.0
Связанные уязвимости
CVSS3: 9.1
nvd
почти 4 года назад
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.