CVE-2023-29469

2023-04-2421:15:09

Google

osv.dev

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.046 Low

EPSS

Percentile

92.5%

JSON

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the ‘\0’ value).

CPENameOperatorVersion
libxml2eqLIBXML_TEST_2_0_0
libxml2eqLIBXML2_2_5_8
libxml2eqCVE-2016-4449
libxml2eqLIBXML_2_4_27
libxml2eqLIBXML_2_3_14
libxml2eqLIBXML_2_5_6
libxml2eq2.7.5
libxml2eqCVE-2015-8317
libxml2eqCVE-2014-0191
libxml2eq2.9.12-r2

Name	Operator	Version
libxml2	eq	LIBXML_TEST_2_0_0
libxml2	eq	LIBXML2_2_5_8
libxml2	eq	CVE-2016-4449
libxml2	eq	LIBXML_2_4_27
libxml2	eq	LIBXML_2_3_14
libxml2	eq	LIBXML_2_5_6
libxml2	eq	2.7.5
libxml2	eq	CVE-2015-8317
libxml2	eq	CVE-2014-0191
libxml2	eq	2.9.12-r2