valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
{ "vanir_signatures": [ { "id": "CVE-2022-23308-0029140a", "signature_type": "Function", "digest": { "function_hash": "263118250159742398502764830048956299832", "length": 1314.0 }, "target": { "file": "valid.c", "function": "xmlAddID" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "id": "CVE-2022-23308-48340e95", "signature_type": "Function", "digest": { "function_hash": "168666736372975522378851180165387370280", "length": 1181.0 }, "target": { "file": "valid.c", "function": "xmlValidNormalizeAttributeValue" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "id": "CVE-2022-23308-72fec1c8", "signature_type": "Line", "digest": { "line_hashes": [ "337539446299612776986025596955931509497", "165712256803980059223135056483879829345", "292841904031728616418486966445388866973", "6300252467746399102225339089366138712", "157844247236687763772194564239061704882", "253578277186123065813361856953557119280", "304026152785324741147285072758261868574", "287401553331146535433400224017146271637", "127071773345391170655999505182793315816", "161878487443997427413381000308281455084", "333727894587574024429500500002493256118", "237766997829463954603370823868142544590", "105605814243896654638570373692820040013", "161588423930957214230265554709179818851", "89748060402539852774070129937771041343", "132252450660183676888628311215910345140", "118303312629013533674232208452798891689", "153405378355166670398901892015100509122", "60070527367147827962351646124950147191", "250599950088988347645781485804697245189", "302361375603169399143631982907886937684", "215668576346637080781608453637319291620", "192496338417362741333428758355376500497", "197083481052064309675666682116175562433", "295187513158053398330433780469809054655", "251338085540469831906297147480078865746", "202910007016097103558235665874778685902", "268819058741249819367815881268460327520", "170138032823727781256376490990143474964", "156732012974027609925172692041789457821", "23114186743147825509418495190608577677", "80535392785847788918527719038433338754", "48815551560744087760181977036983644384", "213768700232698096988940184312004012716", "249586578457928502112208727639847533381", "93316075113813565333467429739047401060", "312908294470933617160327031130801059279", "122749512770539211907811201456100968651", "316014632723907048014541892337810037668", "268374606396638194565775164842676757224", "250549482678495892342476011386287444711", "36557711938904940309789129250314558877", "21243060130043324693995516329340714459", "195478636878252336984581361347112758910", "286725406572637736974109917652371507047", "92356130759593643528448884457029121890", "322932413560213341660044545227108354544", "196048150691264090537478537329179936337", "268819058741249819367815881268460327520", "170138032823727781256376490990143474964", "156732012974027609925172692041789457821", "23114186743147825509418495190608577677", "80535392785847788918527719038433338754", "48815551560744087760181977036983644384", "213768700232698096988940184312004012716", "249586578457928502112208727639847533381", "93316075113813565333467429739047401060", "312908294470933617160327031130801059279", "122749512770539211907811201456100968651", "316014632723907048014541892337810037668", "268374606396638194565775164842676757224", "337168966210308887601036804850662765741", "204664327545766234900963266135466051047", "272393039094845089668991793831806601584" ], "threshold": 0.9 }, "target": { "file": "valid.c" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "id": "CVE-2022-23308-795e2c8b", "signature_type": "Function", "digest": { "function_hash": "169778564934064718562504146244507501816", "length": 1782.0 }, "target": { "file": "valid.c", "function": "xmlValidCtxtNormalizeAttributeValue" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "id": "CVE-2022-23308-865b5563", "signature_type": "Function", "digest": { "function_hash": "169108132469541420728050858748661937682", "length": 1646.0 }, "target": { "file": "valid.c", "function": "xmlAddRef" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "id": "CVE-2022-23308-8fa5d71b", "signature_type": "Function", "digest": { "function_hash": "80385978404819234967114723843068601860", "length": 533.0 }, "target": { "file": "valid.c", "function": "xmlRemoveID" }, "deprecated": false, "signature_version": "v1", "source": "https://github.com/gnome/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" } ] }