Lucene search
Redhat.comRH:CVE-2022-39353HistoryNov 14, 2022 - 3:56 a.m.
CVE-2022-39353
2022-11-1403:56:39
redhat.com
access.redhat.com
22
0.008 Low
EPSS
Percentile
81.5%
A flaw was found in the xmldom package. The xmldom parses XML that is not well-formed because it contains multiple top-level elements, adding all root nodes to the childNodes collection of the Document without reporting errors or throwing. This breaks the assumption that there is only a single root node in the tree, which led to CVE-2022-39299, as it is a potential issue for dependents.
Related
prion
prion
Design/Logic Flaw
2022-11-02 17:15:00
Authentication flaw
2022-10-12 21:15:00
ubuntucve
ubuntucve
CVE-2022-39353
2022-11-02 00:00:00
debiancve
debiancve
CVE-2022-39353
2022-11-02 17:15:00
cve
cve
CVE-2022-39353
2022-11-02 17:15:00
CVE-2022-39299
2022-10-12 21:15:00
osv
osv
CVE-2022-39353
2022-11-02 17:15:17
xmldom allows multiple root nodes in a DOM
2022-11-01 17:29:11
CVE-2022-39299
2022-10-12 21:15:09
cvelist
cvelist
CVE-2022-39353 xmldom allows multiple root nodes in a DOM
2022-11-02 00:00:00
CVE-2022-39299 Signature bypass via multiple root elements in Passport-SAML
2022-10-12 00:00:00
github
github
xmldom allows multiple root nodes in a DOM
2022-11-01 17:29:11
Signature bypass via multiple root elements
2022-10-12 22:05:41
nessus
nessus
Debian DLA-3260-1 : node-xmldom - LTS security update
2023-01-07 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : xmldom vulnerabilities (USN-6102-1)
2023-05-24 00:00:00
debian
debian
[SECURITY] [DLA 3260-1] node-xmldom security update
2023-01-01 17:01:09
openvas
openvas
Debian: Security Advisory (DLA-3260-1)
2023-01-02 00:00:00
Ubuntu: Security Advisory (USN-6102-1)
2023-05-25 00:00:00
ibm
ibm
veracode
veracode
Improper Verification Of Cryptographic Signature
2022-10-14 11:00:44
Improper Input Validation
2022-11-03 05:26:31
githubexploit
githubexploit
cbl_mariner
cbl_mariner
ubuntu
ubuntu
xmldom vulnerabilities
2023-05-24 00:00:00