CVE-2022-49043

Опубликовано: 26 янв. 2025

Источник: debian

EPSS Низкий

Описание

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

Пакет	Статус	Версия исправления	Релиз	Тип
libxml2	fixed	2.12.3+dfsg-0exp1	experimental	package
libxml2	fixed	2.12.7+dfsg+really2.9.14-0.4		package

Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b (v2.11.0)
https://github.com/php/php-src/issues/17467

EPSS

Процентиль: 7%

0.00028

Низкий

CVE-2022-49043

CVSS3: 8.1

ubuntu

около 1 года назад

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

CVE-2022-49043

CVSS3: 5.9

redhat

около 1 года назад

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

CVE-2022-49043

CVSS3: 8.1

nvd

около 1 года назад

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

CVE-2022-49043

CVSS3: 8.1

msrc

около 1 года назад

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

SUSE-SU-2025:0348-1

suse-cvrf

около 1 года назад

Security update for libxml2

EPSS

Процентиль: 7%

0.00028

Низкий