Updated: 2022-12-19 19:51:13.476666
Description:
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4.3 |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | Released | CLSA-2022:1647255880 | 2022-05-05 12:04:53 |
| CentOS 8.4 ELS | libxml2 | 2.9.7-9 | 7.5 | HIGH | Released | CLSA-2022:1647261009 | 2022-04-08 21:40:24 |
| CentOS 8.5 ELS | libxml2 | 2.9.7-9 | 7.5 | HIGH | Released | CLSA-2022:1647261060 | 2022-04-08 21:40:25 |
| CloudLinux 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | Released | CLSA-2022:1647256000 | 2022-04-08 21:40:25 |
| Oracle Linux 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | Released | CLSA-2022:1647255690 | 2022-04-08 21:40:24 |
| Ubuntu 16.04 ELS | libxml2 | 2.9.3 | 7.5 | HIGH | Released | CLSA-2022:1647254642 | 2022-04-08 21:40:24 |
| Ubuntu 18.04 ELS | libxml2 | 2.9.4 | 7.5 | HIGH | Needs Triage | 2023-03-02 13:01:18 |