{"api_version":"1","generated_at":"2026-04-22T19:37:34+00:00","cve":"CVE-2022-40303","urls":{"html":"https://cve.report/CVE-2022-40303","api":"https://cve.report/api/cve/CVE-2022-40303.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-40303","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-40303"},"summary":{"title":"CVE-2022-40303","description":"An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-11-23 00:15:00","updated_at":"2023-11-07 03:52:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://support.apple.com/kb/HT213536","name":"https://support.apple.com/kb/HT213536","refsource":"CONFIRM","tags":[],"title":"About the security content of watchOS 9.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213531","name":"https://support.apple.com/kb/HT213531","refsource":"CONFIRM","tags":[],"title":"About the security content of iOS 15.7.2 and iPadOS 15.7.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213534","name":"https://support.apple.com/kb/HT213534","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Big Sur 11.7.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213533","name":"https://support.apple.com/kb/HT213533","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Monterey 12.6.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/21","name":"20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213535","name":"https://support.apple.com/kb/HT213535","refsource":"CONFIRM","tags":[],"title":"About the security content of tvOS 16.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/25","name":"20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0","name":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0","refsource":"MISC","tags":[],"title":"[CVE-2022-40303] Fix integer overflows with XML_PARSE_HUGE (c8469863) · Commits · GNOME / libxml2 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/27","name":"20221220 APPLE-SA-2022-12-13-8 watchOS 9.2","refsource":"","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-8 watchOS 9.2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/24","name":"20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20221209-0003/","name":"https://security.netapp.com/advisory/ntap-20221209-0003/","refsource":"CONFIRM","tags":[],"title":"November 2022 Libxml2 Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","refsource":"MISC","tags":[],"title":"v2.10.3 · Tags · GNOME / libxml2 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/26","name":"20221220 APPLE-SA-2022-12-13-7 tvOS 16.2","refsource":"FULLDISC","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-40303","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40303","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager_for_vmware_vsphere","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap_antivirus_connector","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410c_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"netapp_manageability_sdk","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_select_deploy_administration_utility","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"snapmanager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"hyper-v","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40303","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xmlsoft","cpe5":"libxml2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-40303","qid":"160396","title":"Oracle Enterprise Linux Security Update for libxml2 (ELSA-2023-0173)"},{"cve":"CVE-2022-40303","qid":"160413","title":"Oracle Enterprise Linux Security Update for libxml2 (ELSA-2023-0338)"},{"cve":"CVE-2022-40303","qid":"181179","title":"Debian Security Update for libxml2 (DLA 3172-1)"},{"cve":"CVE-2022-40303","qid":"181192","title":"Debian Security Update for libxml2 (DSA 5271-1)"},{"cve":"CVE-2022-40303","qid":"182901","title":"Debian Security Update for libxml2 (CVE-2022-40303)"},{"cve":"CVE-2022-40303","qid":"199063","title":"Ubuntu Security Notification for libxml2 Vulnerabilities (USN-5760-1)"},{"cve":"CVE-2022-40303","qid":"241064","title":"Red Hat Update for libxml2 (RHSA-2023:0173)"},{"cve":"CVE-2022-40303","qid":"241093","title":"Red Hat Update for libxml2 (RHSA-2023:0338)"},{"cve":"CVE-2022-40303","qid":"242753","title":"Red Hat Update for libxml2 (RHSA-2024:0413)"},{"cve":"CVE-2022-40303","qid":"283234","title":"Fedora Security Update for libxml2 (FEDORA-2022-aeafd24818)"},{"cve":"CVE-2022-40303","qid":"283465","title":"Fedora Security Update for libxml2 (FEDORA-2022-a6812b0224)"},{"cve":"CVE-2022-40303","qid":"330130","title":"IBM AIX Arbitrary Code Execution Vulnerability in libxml2 (libxml2_advisory3)"},{"cve":"CVE-2022-40303","qid":"354430","title":"Amazon Linux Security Advisory for libxml2 : ALAS2022-2022-258"},{"cve":"CVE-2022-40303","qid":"354487","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS2022-2022-257"},{"cve":"CVE-2022-40303","qid":"354559","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS-2022-257"},{"cve":"CVE-2022-40303","qid":"354560","title":"Amazon Linux Security Advisory for libxml2 : ALAS-2022-258"},{"cve":"CVE-2022-40303","qid":"354834","title":"Amazon Linux Security Advisory for libxml2 : ALAS2-2023-1996"},{"cve":"CVE-2022-40303","qid":"354929","title":"Amazon Linux Security Advisory for libxml2 : ALAS-2023-1743"},{"cve":"CVE-2022-40303","qid":"355209","title":"Amazon Linux Security Advisory for libxml2 : ALAS2023-2023-096"},{"cve":"CVE-2022-40303","qid":"355268","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS2023-2023-097"},{"cve":"CVE-2022-40303","qid":"356980","title":"Amazon Linux Security Advisory for libxml2 : AL2012-2023-464"},{"cve":"CVE-2022-40303","qid":"377762","title":"Apple MacOS Ventura 13.0.1 Not Installed (HT213504)"},{"cve":"CVE-2022-40303","qid":"377831","title":"Apple macOS Monterey 12.6.2 Not Installed (HT213533)"},{"cve":"CVE-2022-40303","qid":"377832","title":"Apple macOS Big Sur 11.7.2 Not Installed (HT213534)"},{"cve":"CVE-2022-40303","qid":"377902","title":"Alibaba Cloud Linux Security Update for libxml2 (ALINUX3-SA-2023:0008)"},{"cve":"CVE-2022-40303","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2022-40303","qid":"502547","title":"Alpine Linux Security Update for libxml2"},{"cve":"CVE-2022-40303","qid":"502741","title":"Alpine Linux Security Update for libxml2"},{"cve":"CVE-2022-40303","qid":"610450","title":"Apple iOS 16.1.1 and iPadOS 16.1.1 Security Update Missing"},{"cve":"CVE-2022-40303","qid":"610455","title":"Apple iOS 15.7.2 and iPadOS 15.7.2 Security Update Missing"},{"cve":"CVE-2022-40303","qid":"610470","title":"Google Pixel Android March 2023 Security Patch Missing"},{"cve":"CVE-2022-40303","qid":"610486","title":"Google Android April 2023 Security Patch Missing for Huawei EMUI"},{"cve":"CVE-2022-40303","qid":"672422","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2022-2800)"},{"cve":"CVE-2022-40303","qid":"672493","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1016)"},{"cve":"CVE-2022-40303","qid":"672514","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1041)"},{"cve":"CVE-2022-40303","qid":"672550","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1130)"},{"cve":"CVE-2022-40303","qid":"672571","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1106)"},{"cve":"CVE-2022-40303","qid":"672616","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1393)"},{"cve":"CVE-2022-40303","qid":"672665","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1365)"},{"cve":"CVE-2022-40303","qid":"672769","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1510)"},{"cve":"CVE-2022-40303","qid":"710675","title":"Gentoo Linux libxml2 Multiple Vulnerabilities (GLSA 202210-39)"},{"cve":"CVE-2022-40303","qid":"752695","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3692-1)"},{"cve":"CVE-2022-40303","qid":"752722","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3717-1)"},{"cve":"CVE-2022-40303","qid":"752764","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3871-1)"},{"cve":"CVE-2022-40303","qid":"904558","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11474)"},{"cve":"CVE-2022-40303","qid":"904562","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11471)"},{"cve":"CVE-2022-40303","qid":"904624","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11474-1)"},{"cve":"CVE-2022-40303","qid":"904644","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11471-1)"},{"cve":"CVE-2022-40303","qid":"940884","title":"AlmaLinux Security Update for libxml2 (ALSA-2023:0173)"},{"cve":"CVE-2022-40303","qid":"940901","title":"AlmaLinux Security Update for libxml2 (ALSA-2023:0338)"},{"cve":"CVE-2022-40303","qid":"960535","title":"Rocky Linux Security Update for libxml2 (RLSA-2023:0173)"},{"cve":"CVE-2022-40303","qid":"960547","title":"Rocky Linux Security Update for libxml2 (RLSA-2023:0338)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-40303","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3"},{"refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0","url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20221209-0003/","url":"https://security.netapp.com/advisory/ntap-20221209-0003/"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213534","url":"https://support.apple.com/kb/HT213534"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213533","url":"https://support.apple.com/kb/HT213533"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213531","url":"https://support.apple.com/kb/HT213531"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213536","url":"https://support.apple.com/kb/HT213536"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213535","url":"https://support.apple.com/kb/HT213535"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","url":"http://seclists.org/fulldisclosure/2022/Dec/21"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","url":"http://seclists.org/fulldisclosure/2022/Dec/25"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-7 tvOS 16.2","url":"http://seclists.org/fulldisclosure/2022/Dec/26"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","url":"http://seclists.org/fulldisclosure/2022/Dec/24"}]}},"nvd":{"publishedDate":"2022-11-23 00:15:00","lastModifiedDate":"2023-11-07 03:52:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","versionEndExcluding":"2.10.3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:netapp_manageability_sdk:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"9.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"16.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.6.2","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":null,"notes":[]}}}