CVE-2022-40304

Published: Nov 23, 2022

Modified: Apr 28, 2025

PUBLISHED

Description

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.gnome.org/GNOME/libxml2/-/tags

https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3

https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b

https://security.netapp.com/advisory/ntap-20221209-0003/

https://support.apple.com/kb/HT213534

https://support.apple.com/kb/HT213533

https://support.apple.com/kb/HT213531

https://support.apple.com/kb/HT213536

https://support.apple.com/kb/HT213535

20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2

mailing-list

20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2

mailing-list

20221220 APPLE-SA-2022-12-13-7 tvOS 16.2

mailing-list

20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2

mailing-list

20221220 APPLE-SA-2022-12-13-8 watchOS 9.2

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-40304

Description

Affected Products

References