{"id":"CVE-2019-18212","details":"XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.","modified":"2026-04-10T04:13:12.810323Z","published":"2019-10-23T22:15:10.867Z","references":[{"type":"WEB","url":"https://github.com/angelozerr/lsp4xml/"},{"type":"ADVISORY","url":"https://marketplace.visualstudio.com/items?itemName=redhat.vscode-xml"},{"type":"ADVISORY","url":"https://github.com/angelozerr/lsp4xml/blob/master/CHANGELOG.md#others"},{"type":"FIX","url":"https://github.com/redhat-developer/vscode-xml/"},{"type":"FIX","url":"https://github.com/angelozerr/lsp4xml/pull/567"},{"type":"EVIDENCE","url":"https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/angelozerr/lsp4xml","events":[{"introduced":"0"},{"fixed":"bfbd50a13179fb3caed27655564a9202c2e86c72"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.9.1"}]}}],"versions":["0.3.0","0.4.0","0.5.0","0.5.1","0.6.0","0.7.0","0.9.0","v0.0.1","v0.0.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18212.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}