Eclipse Wild Web Developer
By the Year
In 2024 there have been 0 vulnerabilities in Eclipse Wild Web Developer . Wild Web Developer did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 2 | 7.65 |
2018 | 0 | 0.00 |
It may take a day or so for new Wild Web Developer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Eclipse Wild Web Developer Security Vulnerabilities
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products
CVE-2019-18212
6.5 - Medium
- October 23, 2019
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
Directory traversal
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation
CVE-2019-18213
8.8 - High
- October 23, 2019
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking). This occurs in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java.
aka Blind XPath Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Xmllanguageserverproject Xml Server Project or by Eclipse? Click the Watch button to subscribe.