CVE-2022-49043

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-49043

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49043.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-49043

Downstream

DEBIAN-CVE-2022-49043

DLA-4064-1

DSA-5949-1

ECHO-fd8a-6039-c2c3

OESA-2025-1104

RHSA-2025:1350

RHSA-2025:1516

RHSA-2025:1517

RHSA-2025:2507

RHSA-2025:2678

SUSE-SU-2025:0300-1

SUSE-SU-2025:0303-1

SUSE-SU-2025:0341-1

SUSE-SU-2025:0348-1

UBUNTU-CVE-2022-49043

USN-7240-1

USN-7302-1

Related

Published

2025-01-26T06:15:21Z

Modified

2025-10-22T00:17:10.676511Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.

References

Affected packages

Git / github.com/gnome/libxml2

Affected ranges

Type: GIT
Repo: https://github.com/gnome/libxml2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

f296934ade688baab79caf1c62a82149ad78accf

Affected versions

Other

CVE-2013-2877

CVE-2014-0191

CVE-2014-3660

CVE-2015-1819

CVE-2015-5312

CVE-2015-7497

CVE-2015-7498

CVE-2015-7499-1

CVE-2015-7499-2

CVE-2015-7500

CVE-2015-7941_1

CVE-2015-7941_2

CVE-2015-7942

CVE-2015-7942-2

CVE-2015-8035

CVE-2015-8242

CVE-2015-8317

CVE-2016-1762

CVE-2016-1833

CVE-2016-1834

CVE-2016-1835

CVE-2016-1836

CVE-2016-1837

CVE-2016-1838

CVE-2016-1839

CVE-2016-1840

CVE-2016-3627

CVE-2016-3705

CVE-2016-4449

CVE-2016-4483

CVE-2021-3541

EAZEL-NAUTILUS-MS-AUG07

FOR_GNOME_0_99_1

GNOME_0_30

GNOME_PRINT_0_24

GNUMERIC_FIRST_PUBLIC_RELEASE

LIBXML2_2_4_21

LIBXML2_2_5_0

LIBXML2_2_5_10

LIBXML2_2_5_7

LIBXML2_2_5_8

LIBXML2_2_5_9

LIBXML2_2_5_x

LIBXML2_2_6_1

LIBXML2_2_6_11

LIBXML2_2_6_12

LIBXML2_2_6_13

LIBXML2_2_6_14

LIBXML2_2_6_15

LIBXML2_2_6_16

LIBXML2_2_6_18

LIBXML2_2_6_19

LIBXML2_2_6_2

LIBXML2_2_6_20

LIBXML2_2_6_21

LIBXML2_2_6_22

LIBXML2_2_6_23

LIBXML2_2_6_24

LIBXML2_2_6_26

LIBXML2_2_6_27

LIBXML2_2_6_28

LIBXML2_2_6_3

LIBXML2_2_6_4

LIBXML2_2_6_5

LIBXML2_2_6_6

LIBXML2_2_6_7

LIBXML2_2_6_8

LIBXML2_2_6_9

LIBXML2_6_0

LIBXML_0_99

LIBXML_1_5_0

LIBXML_1_8_5

LIBXML_1_8_6

LIBXML_2_0_0

LIBXML_2_1_0

LIBXML_2_1_1

LIBXML_2_2_1

LIBXML_2_2_3

LIBXML_2_2_4

LIBXML_2_2_6

LIBXML_2_2_7

LIBXML_2_2_8

LIBXML_2_3_0

LIBXML_2_3_10

LIBXML_2_3_11

LIBXML_2_3_12

LIBXML_2_3_13

LIBXML_2_3_14

LIBXML_2_3_2

LIBXML_2_3_3

LIBXML_2_3_4

LIBXML_2_3_5

LIBXML_2_3_6

LIBXML_2_3_7

LIBXML_2_3_8

LIBXML_2_3_9

LIBXML_2_4_0

LIBXML_2_4_11

LIBXML_2_4_12

LIBXML_2_4_13

LIBXML_2_4_14

LIBXML_2_4_16

LIBXML_2_4_18

LIBXML_2_4_2

LIBXML_2_4_20

LIBXML_2_4_22

LIBXML_2_4_23

LIBXML_2_4_24

LIBXML_2_4_25

LIBXML_2_4_26

LIBXML_2_4_27

LIBXML_2_4_29

LIBXML_2_4_3

LIBXML_2_4_30

LIBXML_2_4_4

LIBXML_2_4_6

LIBXML_2_4_7

LIBXML_2_5_1

LIBXML_2_5_2

LIBXML_2_5_3

LIBXML_2_5_4

LIBXML_2_5_5

LIBXML_2_5_6

LIBXML_2_6_10

LIBXML_TEST_2_0_0

LIB_XML_1_1

LIB_XML_1_3

LIB_XML_1_4

LIB_XML_1_6_1

LIB_XML_1_6_2

LIB_XML_1_7_0

LIB_XML_1_7_1

LIB_XML_1_7_3

LIB_XML_1_8_3

LIB_XML_1_X

PRE_MUCKUP

PRE_MUCKUP2

PRE_MUCKUP3

help

LIBXML2.*

LIBXML2.6.32

LIBXML2.7.0

LIBXML2.7.1

LIBXML2.7.2

LIBXML2.7.3

v2.*

v2.10.0

v2.7.4

v2.7.5

v2.7.6

v2.7.7

v2.7.8

v2.8.0

v2.8.0-rc1

v2.8.0-rc2

v2.9.0

v2.9.0-rc2

v2.9.1

v2.9.10

v2.9.10-rc1

v2.9.11

v2.9.12

v2.9.13

v2.9.2

v2.9.2-rc1

v2.9.2-rc2

v2.9.3

v2.9.4

v2.9.4-rc1

v2.9.4-rc2

v2.9.5

v2.9.5-rc1

v2.9.5-rc2

v2.9.6

v2.9.6-rc1

v2.9.7

v2.9.7-rc1

v2.9.8

v2.9.8-rc1

v2.9.9

v2.9.9-rc1

v2.9.9-rc2

Git / gitlab.gnome.org/GNOME/libxml2

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/libxml2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5a19e21605398cef6a8b1452477a8705cb41562b

Affected versions

Other

CVE-2013-2877

CVE-2014-0191

CVE-2014-3660

CVE-2015-1819

CVE-2015-5312

CVE-2015-7497

CVE-2015-7498

CVE-2015-7499-1

CVE-2015-7499-2

CVE-2015-7500

CVE-2015-7941_1

CVE-2015-7941_2

CVE-2015-7942

CVE-2015-7942-2

CVE-2015-8035

CVE-2015-8242

CVE-2015-8317

CVE-2016-1762

CVE-2016-1833

CVE-2016-1834

CVE-2016-1835

CVE-2016-1836

CVE-2016-1837

CVE-2016-1838

CVE-2016-1839

CVE-2016-1840

CVE-2016-3627

CVE-2016-3705

CVE-2016-4449

CVE-2016-4483

CVE-2021-3541

EAZEL-NAUTILUS-MS-AUG07

FOR_GNOME_0_99_1

GNOME_0_30

GNOME_PRINT_0_24

GNUMERIC_FIRST_PUBLIC_RELEASE

LIBXML2_2_4_21

LIBXML2_2_5_0

LIBXML2_2_5_10

LIBXML2_2_5_7

LIBXML2_2_5_8

LIBXML2_2_5_9

LIBXML2_2_5_x

LIBXML2_2_6_1

LIBXML2_2_6_11

LIBXML2_2_6_12

LIBXML2_2_6_13

LIBXML2_2_6_14

LIBXML2_2_6_15

LIBXML2_2_6_16

LIBXML2_2_6_18

LIBXML2_2_6_19

LIBXML2_2_6_2

LIBXML2_2_6_20

LIBXML2_2_6_21

LIBXML2_2_6_22

LIBXML2_2_6_23

LIBXML2_2_6_24

LIBXML2_2_6_26

LIBXML2_2_6_27

LIBXML2_2_6_28

LIBXML2_2_6_3

LIBXML2_2_6_4

LIBXML2_2_6_5

LIBXML2_2_6_6

LIBXML2_2_6_7

LIBXML2_2_6_8

LIBXML2_2_6_9

LIBXML2_6_0

LIBXML_0_99

LIBXML_1_5_0

LIBXML_1_8_5

LIBXML_1_8_6

LIBXML_2_0_0

LIBXML_2_1_0

LIBXML_2_1_1

LIBXML_2_2_1

LIBXML_2_2_3

LIBXML_2_2_4

LIBXML_2_2_6

LIBXML_2_2_7

LIBXML_2_2_8

LIBXML_2_3_0

LIBXML_2_3_10

LIBXML_2_3_11

LIBXML_2_3_12

LIBXML_2_3_13

LIBXML_2_3_14

LIBXML_2_3_2

LIBXML_2_3_3

LIBXML_2_3_4

LIBXML_2_3_5

LIBXML_2_3_6

LIBXML_2_3_7

LIBXML_2_3_8

LIBXML_2_3_9

LIBXML_2_4_0

LIBXML_2_4_11

LIBXML_2_4_12

LIBXML_2_4_13

LIBXML_2_4_14

LIBXML_2_4_16

LIBXML_2_4_18

LIBXML_2_4_2

LIBXML_2_4_20

LIBXML_2_4_22

LIBXML_2_4_23

LIBXML_2_4_24

LIBXML_2_4_25

LIBXML_2_4_26

LIBXML_2_4_27

LIBXML_2_4_29

LIBXML_2_4_3

LIBXML_2_4_30

LIBXML_2_4_4

LIBXML_2_4_6

LIBXML_2_4_7

LIBXML_2_5_1

LIBXML_2_5_2

LIBXML_2_5_3

LIBXML_2_5_4

LIBXML_2_5_5

LIBXML_2_5_6

LIBXML_2_6_10

LIBXML_TEST_2_0_0

LIB_XML_1_1

LIB_XML_1_3

LIB_XML_1_4

LIB_XML_1_6_1

LIB_XML_1_6_2

LIB_XML_1_7_0

LIB_XML_1_7_1

LIB_XML_1_7_3

LIB_XML_1_8_3

LIB_XML_1_X

PRE_MUCKUP

PRE_MUCKUP2

PRE_MUCKUP3

help

LIBXML2.*

LIBXML2.6.32

LIBXML2.7.0

LIBXML2.7.1

LIBXML2.7.2

LIBXML2.7.3

v2.*

v2.10.0

v2.7.4

v2.7.5

v2.7.6

v2.7.7

v2.7.8

v2.8.0

v2.8.0-rc1

v2.8.0-rc2

v2.9.0

v2.9.0-rc2

v2.9.1

v2.9.10

v2.9.10-rc1

v2.9.11

v2.9.12

v2.9.13

v2.9.2

v2.9.2-rc1

v2.9.2-rc2

v2.9.3

v2.9.4

v2.9.4-rc1

v2.9.4-rc2

v2.9.5

v2.9.5-rc1

v2.9.5-rc2

v2.9.6

v2.9.6-rc1

v2.9.7

v2.9.7-rc1

v2.9.8

v2.9.8-rc1

v2.9.9

v2.9.9-rc1

v2.9.9-rc2

Database specific

vanir_signatures

[
    {
        "digest": {
            "length": 2890.0,
            "function_hash": "31088922347676708703698485657285354355"
        },
        "signature_type": "Function",
        "target": {
            "function": "xmlXIncludeAddNode",
            "file": "xinclude.c"
        },
        "deprecated": false,
        "source": "https://gitlab.gnome.org/GNOME/libxml2@5a19e21605398cef6a8b1452477a8705cb41562b",
        "signature_version": "v1",
        "id": "CVE-2022-49043-1d6228b9"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "234727746432330059379395021616092678607",
                "16179871270064240906158248971492029307",
                "159292601689154207518257892295593177007",
                "291328165747208326717008482495952795005",
                "266861528478367806157829654743814337325",
                "163347916687622542487864494211142632027",
                "248669120723773372404211044952287217859",
                "215996276487752814757516578671470546055",
                "267951245514243856224294851595258107199",
                "311872970062567964960244385447078116475",
                "195389415836806891286407055929463719000"
            ]
        },
        "signature_type": "Line",
        "target": {
            "file": "xinclude.c"
        },
        "deprecated": false,
        "source": "https://gitlab.gnome.org/GNOME/libxml2@5a19e21605398cef6a8b1452477a8705cb41562b",
        "signature_version": "v1",
        "id": "CVE-2022-49043-78a4e393"
    }
]