{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T22:19:43.991","vulnerabilities":[{"cve":{"id":"CVE-2022-2309","sourceIdentifier":"security@huntr.dev","published":"2022-07-05T10:15:08.763","lastModified":"2026-06-17T04:41:40.237","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered."},{"lang":"es","value":"Una desreferencia de puntero NULL permite a atacantes causar una denegación de servicio (o bloqueo de la aplicación). Esto solo se aplica cuando lxml se usa junto con libxml2 versiones 2.9.10 hasta 2.9.14. libxml2 versiones 2.9.9 y anteriores no están afectados. Permite desencadenar bloqueos por medio de datos de entrada falsificados, dada una secuencia de código vulnerable en la aplicación. La vulnerabilidad es causada por la función iterwalk (también utilizada por la función canonicalize). Dicho código no debería tener un uso generalizado, dado que parsing + iterwalk generalmente se reemplazaría con la función iterparse más eficiente. Sin embargo, un convertidor XML que serializa a C14N también sería vulnerable, por ejemplo, y existen casos de uso legítimos para esta secuencia de código. Si se recibe una entrada que no es de confianza (también de forma remota) y se procesa por medio de la función iterwalk, se puede desencadenar un bloqueo"}],"affected":[{"source":"security@huntr.dev","affectedData":[{"vendor":"lxml","product":"lxml/lxml","versions":[{"version":"unspecified","lessThan":"4.9.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lxml:lxml:*:*:*:*:*:*:*:*","versionEndExcluding":"4.9.1","matchCriteriaId":"738BCE63-2B47-4CFA-9915-C3DE1A3AA9A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","versionStartIncluding":"2.9.10","versionEndIncluding":"2.9.14","matchCriteriaId":"E1774300-F6CA-43CA-A6FD-6A302814FB5D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","matchCriteriaId":"E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}]}]}],"references":[{"url":"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f","source":"security@huntr.dev","tags":["Patch","Third Party Advisory"]},{"url":"https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba","source":"security@huntr.dev","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/","source":"security@huntr.dev"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/","source":"security@huntr.dev"},{"url":"https://security.gentoo.org/glsa/202208-06","source":"security@huntr.dev","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220915-0006/","source":"security@huntr.dev","tags":["Third Party Advisory"]},{"url":"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202208-06","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20220915-0006/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}