CVE-2022-0671
The connected sources confirm a vulnerability in vscode-xml prior to version 0.19.0 where downloading a schema can trigger blind SSRF or DoS via a large file. Affected component is the vscode-xml schema download/processing path; root cause is improper handling of externally downloaded schema data...