JLSEC-2025-74
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-74.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-74.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/JLSEC-2025-74
- Upstream
- Published
- 2025-10-17T17:40:51.659Z
- Modified
- 2025-11-03T00:19:11.235993Z
- Summary
- valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
- Details
-
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
- Database specific
{ "sources": [ { "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2022-23308", "modified": "2025-05-05T17:17:56.523Z", "published": "2022-02-26T05:15:08.280Z", "id": "CVE-2022-23308", "imported": "2025-10-28T18:09:07.781Z" } ], "license": "CC-BY-4.0" }- References
-
- http://seclists.org/fulldisclosure/2022/May/33
- http://seclists.org/fulldisclosure/2022/May/34
- http://seclists.org/fulldisclosure/2022/May/35
- http://seclists.org/fulldisclosure/2022/May/36
- http://seclists.org/fulldisclosure/2022/May/37
- http://seclists.org/fulldisclosure/2022/May/38
- https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
- https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
- https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LA3MWWAYZADWJ5F6JOUBX65UZAMQB7RF/
- https://security.gentoo.org/glsa/202210-03
- https://security.netapp.com/advisory/ntap-20220331-0008/
- https://support.apple.com/kb/HT213253
- https://support.apple.com/kb/HT213254
- https://support.apple.com/kb/HT213255
- https://support.apple.com/kb/HT213256
- https://support.apple.com/kb/HT213257
- https://support.apple.com/kb/HT213258
- https://www.oracle.com/security-alerts/cpujul2022.html