valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. https://nvd.nist.gov/vuln/detail/CVE-2022-23308