CVE-2023-45322
06.10.2023, 22:15
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| xmlsoft | libxml2 | 𝑥 ≤ 2.11.5 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2-2 |
| ||||||||||||||||||||||||||||||
| libxml2-2-32bit |
| ||||||||||||||||||||||||||||||
| libxml2-devel |
| ||||||||||||||||||||||||||||||
| libxml2-doc |
| ||||||||||||||||||||||||||||||
| libxml2-tools |
| ||||||||||||||||||||||||||||||
| python-libxml2 |
| ||||||||||||||||||||||||||||||
| python3-libxml2 |
| ||||||||||||||||||||||||||||||
| python311-libxml2 |
|
Common Weakness Enumeration
References