Опубликовано: 26 фев. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 7.5
Описание
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.9.4+dfsg1-6.1ubuntu1.5 |
| devel | not-affected | 2.9.13+dfsg-1 |
| esm-infra-legacy/trusty | released | 2.9.1+dfsg1-3ubuntu4.13+esm3 |
| esm-infra/bionic | released | 2.9.4+dfsg1-6.1ubuntu1.5 |
| esm-infra/focal | released | 2.9.10+dfsg-5ubuntu0.20.04.2 |
| esm-infra/xenial | released | 2.9.3+dfsg1-1ubuntu0.7+esm2 |
| focal | released | 2.9.10+dfsg-5ubuntu0.20.04.2 |
| impish | released | 2.9.12+dfsg-4ubuntu0.1 |
| jammy | not-affected | 2.9.13+dfsg-1 |
| trusty | ignored | end of standard support |
Показывать по
10
EPSS
Процентиль: 13%
0.00046
Низкий
4.3 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
redhat
больше 3 лет назад
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
CVSS3: 7.5
nvd
больше 3 лет назад
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
CVSS3: 7.5
debian
больше 3 лет назад
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF ...
EPSS
Процентиль: 13%
0.00046
Низкий
4.3 Medium
CVSS2
7.5 High
CVSS3