First published: Fri Feb 18 2022(Updated: )
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Eclipse Lemminx | <0.19.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-0673.
The severity of CVE-2022-0673 is medium (6.5).
The affected software for CVE-2022-0673 is Eclipse LemMinX versions prior to 0.19.0.
The vulnerability in LemMinX allows cache poisoning of external schema files due to directory traversal.
To fix CVE-2022-0673, upgrade to LemMinX version 0.19.0 or later.