7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
libxml2.so is vulnerable to use after free. The vulnerability exists in ID and IDREF attributes of several functions in valid.c
due to lack of validations of which leads to an application crash.
seclists.org/fulldisclosure/2022/May/33
seclists.org/fulldisclosure/2022/May/34
seclists.org/fulldisclosure/2022/May/35
seclists.org/fulldisclosure/2022/May/36
seclists.org/fulldisclosure/2022/May/37
seclists.org/fulldisclosure/2022/May/38
github.com/advisories/GHSA-8v47-xfh7-92fh
github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
lists.debian.org/debian-lts-announce/2022/04/msg00004.html
lists.fedoraproject.org/archives/list/[email protected]/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
security.gentoo.org/glsa/202210-03
security.netapp.com/advisory/ntap-20220331-0008/
support.apple.com/kb/HT213253
support.apple.com/kb/HT213254
support.apple.com/kb/HT213255
support.apple.com/kb/HT213256
support.apple.com/kb/HT213257
support.apple.com/kb/HT213258
www.oracle.com/security-alerts/cpujul2022.html
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P