CVE-2022-0671

CVE-2022-0671

Vendor N/A

Product vscode-xml

Weakness CWE-918 · SSRF

Published February 18, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.

Key dates

02Disclosure timeline

February 18, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0671 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/918.html

Related vulnerabilities

04Related CVE

CVE-2024-31461 Plane Server-Side Request Forgery (SSRF) Vulnerability CVE-2026-50131 Fedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 ranges CVE-2021-40186 DNN CMS Server-Side Request Forgery (SSRF) CVE-2024-5014 WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL