25 matches found
CVE-2022-0672
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
CVE-2022-0673
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...
EUVD-2021-21091
Malware in sbrugna...
EUVD-2022-1014
Malicious code in bioql PyPI...
EUVD-2022-1055
Malicious code in bioql PyPI...
CVE-2021-34436
In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution and XXE via the theia-xml-extension. This extension uses lsp4xml recently renamed to LemMinX in order to provide language support for XML. This is installed by default...
GHSA-HRXV-694F-22G3 Exposure of Sensitive Information to an Unauthorized Actor in LemMinX
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
Exposure of Sensitive Information to an Unauthorized Actor in LemMinX
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
Path Traversal in LemMinX
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files is possible due to directory traversal...
GHSA-GGGP-GH2P-996X Path Traversal in LemMinX
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files is possible due to directory traversal...
CVE-2022-0672
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
CVE-2022-0673
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...
CVE-2022-0672
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
CVE-2022-0673
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...
Design/Logic Flaw
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
CVE-2022-0673
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...
CVE-2022-0673
CVE-2022-0673 affects LemMinX versions prior to 0.19.0. The vulnerability is a directory traversal flaw that enables cache poisoning of external schema files. This is documented across multiple sources (Red Hat CVE, GHSA advisory, OSV, CVE listings) with the root cause stated as cache poisoning o...
CVE-2022-0672
A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user...
CVE-2022-0672
Summary: CVE-2022-0672 affects LemMinX versions prior to 0.19.0, with an insecure redirect that could allow unauthorized access to sensitive information locally when LemMinX runs under a privileged user. What’s affected: LemMinX (
LemMinX 路径遍历漏洞
LemMinX is an open source Xml language server from the Eclipse Foundation. It can be used with any editor that supports the protocol, thus providing good support for the Xml language. A security vulnerability exists in LemMinX that stems from a directory traversal flaw found in versions of LemMin...