Description
A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal.
Remediation
References
https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022
Related Vulnerabilities
CVE-2023-36106 Vulnerability in maven package tech.powerjob:powerjob
CVE-2021-41183 Vulnerability in npm package jquery-ui
CVE-2023-48219 Vulnerability in maven package org.webjars.npm:tinymce
CVE-2020-2257 Vulnerability in maven package org.jenkins-ci.plugins:validating-string-parameter
CVE-2020-35451 Vulnerability in maven package org.apache.oozie:oozie-tools