Search for vulnerabilities
Vulnerability details: VCID-rsv8-psbe-nyd8
Vulnerability ID VCID-rsv8-psbe-nyd8
Aliases CVE-2022-2309
GHSA-wrxv-2j5q-m38w
PYSEC-2022-230
Summary NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-476 NULL Pointer Dereference
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json
epss 0.00513 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00513 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00513 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
epss 0.00568 https://api.first.org/data/v1/epss?cve=CVE-2022-2309
cvssv3.1 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.3 https://github.com/advisories/GHSA-wrxv-2j5q-m38w
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-wrxv-2j5q-m38w
generic_textual MODERATE https://github.com/advisories/GHSA-wrxv-2j5q-m38w
cvssv3.1 5.3 https://github.com/lxml/lxml
generic_textual MODERATE https://github.com/lxml/lxml
cvssv3.1 5.3 https://github.com/lxml/lxml/blob/master/CHANGES.txt
generic_textual MODERATE https://github.com/lxml/lxml/blob/master/CHANGES.txt
cvssv3.1 5.3 https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f
generic_textual MODERATE https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f
cvssv3.1 5.3 https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml
generic_textual MODERATE https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml
cvssv3.1 5.3 https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba
generic_textual MODERATE https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ
cvssv3.1 5.3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO
generic_textual MODERATE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2022-2309
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-2309
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2309
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2022-2309
cvssv3.1 5.3 https://security.gentoo.org/glsa/202208-06
generic_textual MODERATE https://security.gentoo.org/glsa/202208-06
cvssv3.1 5.3 https://security.netapp.com/advisory/ntap-20220915-0006
generic_textual MODERATE https://security.netapp.com/advisory/ntap-20220915-0006
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json
https://api.first.org/data/v1/epss?cve=CVE-2022-2309
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/advisories/GHSA-wrxv-2j5q-m38w
https://github.com/lxml/lxml
https://github.com/lxml/lxml/blob/master/CHANGES.txt
https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f
https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml
https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO
https://nvd.nist.gov/vuln/detail/CVE-2022-2309
https://security.gentoo.org/glsa/202208-06
https://security.netapp.com/advisory/ntap-20220915-0006
https://security.netapp.com/advisory/ntap-20220915-0006/
1014766 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766
2107571 https://bugzilla.redhat.com/show_bug.cgi?id=2107571
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
RHSA-2022:8226 https://access.redhat.com/errata/RHSA-2022:8226
USN-5760-1 https://usn.ubuntu.com/5760-1/
USN-6028-2 https://usn.ubuntu.com/6028-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/advisories/GHSA-wrxv-2j5q-m38w
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/lxml/lxml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/lxml/lxml/blob/master/CHANGES.txt
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2309
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2309
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2309
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://security.gentoo.org/glsa/202208-06
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://security.netapp.com/advisory/ntap-20220915-0006
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.65558
EPSS Score 0.00513
Published At June 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-01T12:11:26.832253+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/5760-1/ 36.1.3