• Tenable
  • CVEs
  • Settings
    Links
    Tenable.io Tenable Community & Support Tenable University
    Severity
    Theme
  • Tenable
  • Links
  • Tenable.io
  • Tenable Community & Support
  • Tenable University
  • Settings
  • Severity
  • Theme
  • Newest
  • Updated
  • Search
  • Newest
  • Updated
  • Search
  1. CVEs
  2. CVE-2022-40304
  1. CVEs

CVE-2022-40304

high
  • Information
  • CPEs
  • Plugins

Description

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.

References

https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3

https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b

https://gitlab.gnome.org/GNOME/libxml2/-/tags

https://security.netapp.com/advisory/ntap-20221209-0003/

https://support.apple.com/kb/HT213534

https://support.apple.com/kb/HT213535

https://support.apple.com/kb/HT213536

https://support.apple.com/kb/HT213531

https://support.apple.com/kb/HT213533

http://seclists.org/fulldisclosure/2022/Dec/21

http://seclists.org/fulldisclosure/2022/Dec/25

http://seclists.org/fulldisclosure/2022/Dec/24

http://seclists.org/fulldisclosure/2022/Dec/26

Details

Source: MITRE

Published: 2022-11-23

Updated: 2023-02-23

Type: CWE-611

  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2023 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance