libxml2.so is vulnerable to use after free. The vulnerability exists in ID and IDREF attributes of several functions in valid.c due to lack of validations of which leads to an application crash.

CPENameOperatorVersion
libxml2.sole2.9.12
libxml2:sideq2.9.10+dfsg-6.2
libxml2:3.15eq2.9.12-r2
libxml2:3.15eq2.9.12-r1
libxml2:3.14eq2.9.12-r1
libxml2:3.13eq2.9.10-r7
libxml2:3.13eq2.9.12-r0
libxml2:3.13eq2.9.10-r6
libxml2:3.12eq2.9.10-r4
libxml2:3.12eq2.9.10-r5

Name	Operator	Version
libxml2.so	le	2.9.12
libxml2:sid	eq	2.9.10+dfsg-6.2
libxml2:3.15	eq	2.9.12-r2
libxml2:3.15	eq	2.9.12-r1
libxml2:3.14	eq	2.9.12-r1
libxml2:3.13	eq	2.9.10-r7
libxml2:3.13	eq	2.9.12-r0
libxml2:3.13	eq	2.9.10-r6
libxml2:3.12	eq	2.9.10-r4
libxml2:3.12	eq	2.9.10-r5

Rows per page:

1-10 of 4601

References

seclists.org/fulldisclosure/2022/May/33

seclists.org/fulldisclosure/2022/May/34

seclists.org/fulldisclosure/2022/May/35

seclists.org/fulldisclosure/2022/May/36

seclists.org/fulldisclosure/2022/May/37

seclists.org/fulldisclosure/2022/May/38

github.com/advisories/GHSA-8v47-xfh7-92fh

github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e

gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS

lists.debian.org/debian-lts-announce/2022/04/msg00004.html

lists.fedoraproject.org/archives/list/[email protected]/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/

security.gentoo.org/glsa/202210-03

security.netapp.com/advisory/ntap-20220331-0008/

support.apple.com/kb/HT213253

support.apple.com/kb/HT213254

support.apple.com/kb/HT213255

support.apple.com/kb/HT213256

support.apple.com/kb/HT213257

support.apple.com/kb/HT213258

www.oracle.com/security-alerts/cpujul2022.html

redhatcve 1

nessus 45

almalinux 1

cloudfoundry 2

redos 1

openvas 36

cvelist 1

ubuntucve 1

ubuntu 2

fedora 2

cbl_mariner 2

osv 7

cloudlinux 1

suse 3

cve 1

redhat 12

amazon 2

rocky 1

nvd 1

alpinelinux 1

debiancve 1

oraclelinux 1

mageia 1

slackware 1

prion 1

cnvd 1

f5 1

photon 6

github 1

gentoo 1

rubygems 1

altlinux 1

ibm 8

debian 1

rosalinux 1

ics 3

apple 6

tenable 1

oracle 3

redhatcve

CVE-2022-23308

2022-02-22 11:31:34

nessus

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Vulnerability (SSA:2022-059-01)

2022-03-01 00:00:00

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1308-1)

2022-04-23 00:00:00

Amazon Linux 2 : libxml2 (ALAS-2022-1826)

2022-07-21 00:00:00

almalinux

Moderate: libxml2 security update

2022-03-15 09:12:39

cloudfoundry

USN-5324-1: libxml2 vulnerability | Cloud Foundry

2022-05-23 00:00:00

USN-5422-1: libxml2 vulnerabilities | Cloud Foundry

2022-07-29 00:00:00

redos

ROS-20220315-01

2022-03-15 00:00:00

openvas

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2202)

2022-08-01 00:00:00

openSUSE: Security Advisory for python-libxml2-python (openSUSE-SU-2022:0802-1)

2022-03-23 00:00:00

Fedora: Security Advisory for libxml2 (FEDORA-2022-b661dea83d)

2022-02-25 00:00:00

cvelist

CVE-2022-23308

2022-02-26 00:00:00

ubuntucve

CVE-2022-23308

2022-02-26 00:00:00

ubuntu

libxml2 vulnerability

2022-03-14 00:00:00

libxml2 vulnerabilities

2022-05-16 00:00:00

fedora

[SECURITY] Fedora 34 Update: libxml2-2.9.13-1.fc34

2022-03-08 21:33:04

[SECURITY] Fedora 35 Update: libxml2-2.9.13-1.fc35

2022-02-24 23:09:27

cbl_mariner

CVE-2022-23308 affecting package libxml2 for versions less than 2.9.13-1

2022-04-09 06:51:46

CVE-2022-23308 affecting package libxml2 2.9.12-1

2022-03-19 16:40:53

osv

Moderate: libxml2 security update

2022-03-15 09:12:39

libxml2 vulnerability

2022-03-14 11:01:02

Moderate: libxml2 security update

2022-03-15 09:12:39

cloudlinux

Fix of CVE: CVE-2022-23308

2022-03-14 11:04:40

suse

Security update for python-libxml2-python (important)

2022-03-10 00:00:00

Security update for libxml2 (important)

2022-07-26 00:00:00

Security update for libxml2 (important)

2022-05-19 00:00:00

cve

CVE-2022-23308

2022-02-26 05:15:08

redhat

(RHSA-2022:0899) Moderate: libxml2 security update

2022-03-15 09:12:39

(RHSA-2022:1390) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:37

(RHSA-2022:1389) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:07

amazon

Medium: libxml2

2022-07-19 01:21:00

Medium: libxml2

2023-04-27 16:19:00

rocky

libxml2 security update

2022-03-15 09:12:39

nvd

CVE-2022-23308

2022-02-26 05:15:08

alpinelinux

CVE-2022-23308

2022-02-26 05:15:08

debiancve

CVE-2022-23308

2022-02-26 05:15:08

oraclelinux

libxml2 security update

2022-03-16 00:00:00

mageia

Updated libxml2 packages fix security vulnerability

2022-03-06 13:40:17

slackware

[slackware-security] libxml2

2022-03-01 05:14:36

prion

Design/Logic Flaw

2022-02-26 05:15:00

cnvd

libxml2 Resource Management Error Vulnerability (CNVD-2022-21487)

2022-02-23 00:00:00

K32760744 : libxml2 vulnerability CVE-2022-23308

2022-05-25 00:00:00

photon

Important Photon OS Security Update - PHSA-2022-0167

2022-03-29 00:00:00

Important Photon OS Security Update - PHSA-2022-4.0-0167

2022-03-29 00:00:00

Important Photon OS Security Update - PHSA-2022-0477

2022-03-04 00:00:00

github

Vulnerable dependencies in Nokogiri

2022-02-25 20:32:09

gentoo

libxml2: Multiple Vulnerabilities

2022-10-16 00:00:00

rubygems

Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)

2022-02-20 21:00:00

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1.p10.1

2023-02-02 00:00:00

ibm

Security Bulletin: Multiple security vulnerabilities fixed in IBM Security Verify Access Appliance (CVE-2022-23308, CVE-2021-23840, CVE-2021-23841, CVE-2021-3712)

2022-07-06 18:26:46

Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)

2022-08-16 19:40:01

Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities

2022-10-28 19:52:12

debian

[SECURITY] [DLA 2972-1] libxml2 security update

2022-04-08 21:17:02

rosalinux

Advisory ROSA-SA-2024-2356

2024-02-20 10:05:34

ics

Siemens SINAMICS Medium Voltage Products

2023-06-15 12:00:00

Siemens SCALANCE, RUGGEDCOM Third-Party

2023-03-16 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

apple

About the security content of watchOS 8.6

2022-05-16 00:00:00

About the security content of tvOS 15.5

2022-05-16 00:00:00

About the security content of Security Update 2022-004 Catalina

2022-05-16 00:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.004 Low

EPSS

Percentile

74.0%

JSON

Related for VERACODE:34455