libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-06T00:00:00
Updated: 2024-09-19T18:12:42.230Z
Reserved: 2023-10-06T00:00:00
Link: CVE-2023-45322
Vulnrichment
Updated: 2024-08-02T20:21:15.381Z
NVD
Status : Modified
Published: 2023-10-06T22:15:11.660
Modified: 2024-11-21T08:26:44.780
Link: CVE-2023-45322
Redhat