Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2019-18212
- EPSS 0.55%
- Published 23.10.2019 22:15:10
- Last modified 21.11.2024 04:32:50
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory ...
8.8
CVE-2019-18213
- EPSS 0.62%
- Published 23.10.2019 22:15:10
- Last modified 21.11.2024 04:32:50
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiati...
1