Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-45322
HistoryOct 06, 2023 - 10:15 p.m.

Design/Logic Flaw

2023-10-0622:15:00
PRIOn knowledge base
www.prio-n.com
11
design/logic flaw
memory allocation
vendor dispute

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

18.8%

DISPUTED libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor’s position is “I don’t think these issues are critical enough to warrant a CVE ID … because an attacker typically can’t control when memory allocations fail.”

CPENameOperatorVersion
libxml2le2.11.5