A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file.
{ "nvd_published_at": "2022-02-18T18:15:00Z", "github_reviewed_at": "2022-02-23T15:02:26Z", "severity": "CRITICAL", "github_reviewed": true, "cwe_ids": [ "CWE-400", "CWE-918" ] }