An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
|
History
07 Nov 2023, 03:52
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-415 |
Information
Published : 2022-11-23 18:15
Updated : 2024-02-28 19:51
NVD link : CVE-2022-40304
Mitre link : CVE-2022-40304
CVE.ORG link : CVE-2022-40304
JSON object : View
Products Affected
netapp
- h300s_firmware
- h410s_firmware
- h410c_firmware
- h300s
- snapmanager
- smi-s_provider
- clustered_data_ontap_antivirus_connector
- h700s
- manageability_software_development_kit
- h410c
- active_iq_unified_manager
- h410s
- h500s_firmware
- h500s
- clustered_data_ontap
- h700s_firmware
apple
- tvos
- iphone_os
- ipados
- watchos
- macos
xmlsoft
- libxml2
CWE
CWE-415
Double Free