CVE-2022-23308

{"id": "CVE-2022-23308", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-02-26T05:15:08.280", "references": [{"url": "http://seclists.org/fulldisclosure/2022/May/33", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2022/May/34", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2022/May/35", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2022/May/36", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2022/May/37", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2022/May/38", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/", "source": "cve@mitre.org"}, {"url": "https://security.gentoo.org/glsa/202210-03", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20220331-0008/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213253", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213254", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213255", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213256", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213257", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://support.apple.com/kb/HT213258", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes."}, {"lang": "es", "value": "El archivo valid.c en libxml2 versiones anteriores a 2.9.13, presenta un uso de memoria previamente liberada de los atributos ID e IDREF.\n"}], "lastModified": "2023-11-07T03:44:08.253", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75F3B6C3-9C14-4576-BF39-4A1D774A0979", "versionEndExcluding": "2.9.13"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B3F8579-F907-4E15-A4D6-1459A6687594", "versionEndExcluding": "15.5"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29151647-DA19-4B1B-B1CD-2E05A712F941", "versionEndExcluding": "15.5"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1632ED85-FDBF-4E46-AF1A-15594CC8E946", "versionEndExcluding": "10.15.7", "versionStartIncluding": "10.15.0"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89161D20-EB9C-4EC0-8D82-75B27CE49264"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3456176F-9185-4EE2-A8CE-3D989D674AB7"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D337EE21-2F00-484D-9285-F2B0248D7A19"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E974DC6-F7D9-4389-9AF9-863F6E419CE6"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "156A6382-2BD3-4882-90B2-8E7CF6659E17"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49F537A0-DC42-4176-B22F-C80D179DD99D"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "787E02EF-92F4-46E6-BB1E-0BF49C50A096", "versionEndExcluding": "11.6.6", "versionStartIncluding": "11.6.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35154201-43EA-4C22-B0BA-D1A24C46D320", "versionEndExcluding": "12.4", "versionStartIncluding": "12.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C98BE9E-8463-4CB9-8E42-A68DC0B20BD8", "versionEndExcluding": "15.5"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BAAD78-60FC-4EC3-B727-55F0C0969D6A", "versionEndExcluding": "8.6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"}, {"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163"}, {"criteria": "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62347994-1353-497C-9C4A-D5D8D95F67E8"}, {"criteria": "cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D39DCAE7-494F-40B2-867F-6C6A077939DD"}, {"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"}, {"criteria": "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BB0FDCF-3750-44C6-AC5C-0CC2AAD14093"}, {"criteria": "cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*", "vulnerable": true, "matchCriteriaId": "61D7EF01-F618-497F-9375-8003CEA3D380"}, {"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "vulnerable": true, "matchCriteriaId": "26A2B713-7D6D-420A-93A4-E0D983C983DF"}, {"criteria": "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAA3919C-B2B1-4CB5-BA76-7A079AAFFC52"}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108A2215-50FB-4074-94CF-C130FA14566D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32F0B6C0-F930-480D-962B-3F4EFDCC13C7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "803BC414-B250-4E3A-A478-A3881340D6B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FEB3337-BFDE-462A-908B-176F92053CEC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "736AEAE9-782B-4F71-9893-DED53367E102"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA64107-8025-4DC7-8222-F898ADEC6864"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04E6C8E9-2024-496C-9BFD-4548A5B44E2E"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A264E0DE-209D-49B1-8B26-51AB8BBC97F1"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB5FF32-7362-4A1E-AD24-EF6B8770FCAD"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F4637E5-3324-441D-94E9-C2DBE9A6B502"}, {"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56"}, {"criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76CA1C43-5BEC-4ABF-9E0A-E55D6C8311AB", "versionEndIncluding": "8.0.29"}, {"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}