Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-23308HistoryFeb 26, 2022 - 5:15 a.m.
CVE-2022-23308
2022-02-2605:15:08
Debian Security Bug Tracker
security-tracker.debian.org
40
libxml2
use-after-free
id
idref
attributes
security vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.005
Percentile
75.7%
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxml2 | <Β 2.9.13+dfsg-1 | libxml2_2.9.13+dfsg-1_all.deb |
| Debian | 11 | all | libxml2 | <Β 2.9.10+dfsg-6.7+deb11u1 | libxml2_2.9.10+dfsg-6.7+deb11u1_all.deb |
| Debian | 999 | all | libxml2 | <Β 2.9.13+dfsg-1 | libxml2_2.9.13+dfsg-1_all.deb |
| Debian | 13 | all | libxml2 | <Β 2.9.13+dfsg-1 | libxml2_2.9.13+dfsg-1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 35 Update: libxml2-2.9.13-1.fc35
2022-02-24 23:09:27
[SECURITY] Fedora 34 Update: libxml2-2.9.13-1.fc34
2022-03-08 21:33:04
nessus
nessus
Oracle Linux 8 : libxml2 (ELSA-2022-0899)
2022-03-16 00:00:00
EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2022-1541)
2022-04-25 00:00:00
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2022-1741)
2022-05-26 00:00:00
mageia
mageia
Updated libxml2 packages fix security vulnerability
2022-03-06 13:40:17
oraclelinux
oraclelinux
libxml2 security update
2022-03-16 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2022-059-01)
2022-04-21 00:00:00
Fedora: Security Advisory for libxml2 (FEDORA-2022-b661dea83d)
2022-02-25 00:00:00
redhatcve
redhatcve
CVE-2022-23308
2022-02-22 11:31:34
almalinux
almalinux
Moderate: libxml2 security update
2022-03-15 09:12:39
veracode
veracode
Use After Free
2022-02-28 13:21:21
ubuntucve
ubuntucve
CVE-2022-23308
2022-02-26 00:00:00
redos
redos
ROS-20220315-01
2022-03-15 00:00:00
cvelist
cvelist
CVE-2022-23308
2022-02-26 00:00:00
cloudfoundry
cloudfoundry
USN-5324-1: libxml2 vulnerability | Cloud Foundry
2022-05-23 00:00:00
USN-5422-1: libxml2 vulnerabilities | Cloud Foundry
2022-07-29 00:00:00
ubuntu
ubuntu
libxml2 vulnerability
2022-03-14 00:00:00
libxml2 vulnerabilities
2022-05-16 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in libxml2 affects IBM Integrated Analytics System [CVE-2022-23308]
2024-09-26 14:16:41
slackware
slackware
[slackware-security] libxml2
2022-03-01 05:14:36
f5
f5
K32760744 : libxml2 vulnerability CVE-2022-23308
2022-05-25 00:00:00
cnvd
cnvd
libxml2 Resource Management Error Vulnerability (CNVD-2022-21487)
2022-02-23 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-23308 affecting package libxml2 2.9.12-1
2022-03-19 16:40:53
CVE-2022-23308 affecting package libxml2 for versions less than 2.9.13-1
2022-04-09 06:51:46
osv
osv
Moderate: libxml2 security update
2022-03-15 09:12:39
libxml2 vulnerability
2022-03-14 11:01:02
Moderate: libxml2 security update
2022-03-15 09:12:39
prion
prion
Design/Logic Flaw
2022-02-26 05:15:00
suse
suse
Security update for python-libxml2-python (important)
2022-03-10 00:00:00
Security update for libxml2 (important)
2022-07-26 00:00:00
Security update for libxml2 (important)
2022-05-19 00:00:00
cve
cve
CVE-2022-23308
2022-02-26 05:15:08
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-23308
2022-03-14 11:04:40
amazon
amazon
Medium: libxml2
2022-07-19 01:21:00
Medium: libxml2
2023-04-27 16:19:00
rocky
rocky
libxml2 security update
2022-03-15 09:12:39
alpinelinux
alpinelinux
CVE-2022-23308
2022-02-26 05:15:08
redhat
redhat
(RHSA-2022:0899) Moderate: libxml2 security update
2022-03-15 09:12:39
nvd
nvd
CVE-2022-23308
2022-02-26 05:15:08
gentoo
gentoo
libxml2: Multiple Vulnerabilities
2022-10-16 00:00:00
github
github
Vulnerable dependencies in Nokogiri
2022-02-25 20:32:09
photon
photon
Important Photon OS Security Update - PHSA-2022-0167
2022-03-29 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0167
2022-03-29 00:00:00
Important Photon OS Security Update - PHSA-2022-0477
2022-03-04 00:00:00
rubygems
rubygems
Update packaged libxml2 (2.9.12 β 2.9.13) and libxslt (1.1.34 β 1.1.35)
2022-02-20 21:00:00
altlinux
altlinux
debian
debian
[SECURITY] [DLA 2972-1] libxml2 security update
2022-04-08 21:17:02
rosalinux
rosalinux
Advisory ROSA-SA-2024-2356
2024-02-20 10:05:34
ics
ics
βSiemens SINAMICS Medium Voltage Products
2023-06-15 12:00:00
Siemens SCALANCE, RUGGEDCOM Third-Party
2023-03-16 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
apple
apple
About the security content of watchOS 8.6
2022-05-16 00:00:00
About the security content of tvOS 15.5
2022-05-16 00:00:00
About the security content of Security Update 2022-004 Catalina
2022-05-16 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.005
Percentile
75.7%
Related for DEBIANCVE:CVE-2022-23308