Vulnerability Details : CVE-2022-40304
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Vulnerability category: Memory CorruptionXML external entity (XXE) injection
Products affected by CVE-2022-40304
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*
- cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
- cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-40304
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 38 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-40304
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2022-40304
-
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-40304
-
https://support.apple.com/kb/HT213533
About the security content of macOS Monterey 12.6.2 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT213535
About the security content of tvOS 16.2 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT213536
About the security content of watchOS 9.2 - Apple SupportThird Party Advisory
-
https://support.apple.com/kb/HT213531
About the security content of iOS 15.7.2 and iPadOS 15.7.2 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/21
Full Disclosure: APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/25
Full Disclosure: APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2Mailing List;Third Party Advisory
-
https://support.apple.com/kb/HT213534
About the security content of macOS Big Sur 11.7.2 - Apple SupportThird Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/24
Full Disclosure: APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2Mailing List;Third Party Advisory
-
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
v2.10.3 · Tags · GNOME / libxml2 · GitLabPatch;Release Notes;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20221209-0003/
November 2022 Libxml2 Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/26
Full Disclosure: APPLE-SA-2022-12-13-7 tvOS 16.2Mailing List;Third Party Advisory
-
https://gitlab.gnome.org/GNOME/libxml2/-/tags
Tags · GNOME / libxml2 · GitLabRelease Notes;Third Party Advisory
-
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
[CVE-2022-40304] Fix dict corruption caused by entity reference cycles (1b41ec4e) · Commits · GNOME / libxml2 · GitLabPatch;Third Party Advisory
Jump to