{"api_version":"1","generated_at":"2026-04-22T19:37:39+00:00","cve":"CVE-2022-40304","urls":{"html":"https://cve.report/CVE-2022-40304","api":"https://cve.report/api/cve/CVE-2022-40304.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-40304","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-40304"},"summary":{"title":"CVE-2022-40304","description":"An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-11-23 18:15:00","updated_at":"2023-11-07 03:52:00"},"problem_types":["CWE-415"],"metrics":[],"references":[{"url":"https://support.apple.com/kb/HT213536","name":"https://support.apple.com/kb/HT213536","refsource":"CONFIRM","tags":[],"title":"About the security content of watchOS 9.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213531","name":"https://support.apple.com/kb/HT213531","refsource":"CONFIRM","tags":[],"title":"About the security content of iOS 15.7.2 and iPadOS 15.7.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213534","name":"https://support.apple.com/kb/HT213534","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Big Sur 11.7.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.apple.com/kb/HT213533","name":"https://support.apple.com/kb/HT213533","refsource":"CONFIRM","tags":[],"title":"About the security content of macOS Monterey 12.6.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/21","name":"20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://support.apple.com/kb/HT213535","name":"https://support.apple.com/kb/HT213535","refsource":"CONFIRM","tags":[],"title":"About the security content of tvOS 16.2 - Apple Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/25","name":"20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/27","name":"20221220 APPLE-SA-2022-12-13-8 watchOS 9.2","refsource":"","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-8 watchOS 9.2","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/24","name":"20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20221209-0003/","name":"https://security.netapp.com/advisory/ntap-20221209-0003/","refsource":"CONFIRM","tags":[],"title":"November 2022 Libxml2 Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b","name":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b","refsource":"MISC","tags":[],"title":"[CVE-2022-40304] Fix dict corruption caused by entity reference cycles (1b41ec4e) · Commits · GNOME / libxml2 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","refsource":"MISC","tags":[],"title":"v2.10.3 · Tags · GNOME / libxml2 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags","refsource":"MISC","tags":[],"title":"Tags · GNOME / libxml2 · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2022/Dec/26","name":"20221220 APPLE-SA-2022-12-13-7 tvOS 16.2","refsource":"FULLDISC","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-40304","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40304","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"ipados","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"iphone_os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"macos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"tvos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"watchos","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"clustered_data_ontap_antivirus_connector","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h300s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h300s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410c_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h410s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h410s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h500s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h500s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"netapp","cpe5":"h700s","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"netapp","cpe5":"h700s_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"manageability_software_development_kit","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"smi-s_provider","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"snapmanager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"hyper-v","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"40304","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xmlsoft","cpe5":"libxml2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-40304","qid":"160396","title":"Oracle Enterprise Linux Security Update for libxml2 (ELSA-2023-0173)"},{"cve":"CVE-2022-40304","qid":"160413","title":"Oracle Enterprise Linux Security Update for libxml2 (ELSA-2023-0338)"},{"cve":"CVE-2022-40304","qid":"181179","title":"Debian Security Update for libxml2 (DLA 3172-1)"},{"cve":"CVE-2022-40304","qid":"181192","title":"Debian Security Update for libxml2 (DSA 5271-1)"},{"cve":"CVE-2022-40304","qid":"183528","title":"Debian Security Update for libxml2 (CVE-2022-40304)"},{"cve":"CVE-2022-40304","qid":"199063","title":"Ubuntu Security Notification for libxml2 Vulnerabilities (USN-5760-1)"},{"cve":"CVE-2022-40304","qid":"241064","title":"Red Hat Update for libxml2 (RHSA-2023:0173)"},{"cve":"CVE-2022-40304","qid":"241093","title":"Red Hat Update for libxml2 (RHSA-2023:0338)"},{"cve":"CVE-2022-40304","qid":"242753","title":"Red Hat Update for libxml2 (RHSA-2024:0413)"},{"cve":"CVE-2022-40304","qid":"283234","title":"Fedora Security Update for libxml2 (FEDORA-2022-aeafd24818)"},{"cve":"CVE-2022-40304","qid":"283465","title":"Fedora Security Update for libxml2 (FEDORA-2022-a6812b0224)"},{"cve":"CVE-2022-40304","qid":"330130","title":"IBM AIX Arbitrary Code Execution Vulnerability in libxml2 (libxml2_advisory3)"},{"cve":"CVE-2022-40304","qid":"354430","title":"Amazon Linux Security Advisory for libxml2 : ALAS2022-2022-258"},{"cve":"CVE-2022-40304","qid":"354487","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS2022-2022-257"},{"cve":"CVE-2022-40304","qid":"354559","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS-2022-257"},{"cve":"CVE-2022-40304","qid":"354560","title":"Amazon Linux Security Advisory for libxml2 : ALAS-2022-258"},{"cve":"CVE-2022-40304","qid":"354834","title":"Amazon Linux Security Advisory for libxml2 : ALAS2-2023-1996"},{"cve":"CVE-2022-40304","qid":"354929","title":"Amazon Linux Security Advisory for libxml2 : ALAS-2023-1743"},{"cve":"CVE-2022-40304","qid":"355209","title":"Amazon Linux Security Advisory for libxml2 : ALAS2023-2023-096"},{"cve":"CVE-2022-40304","qid":"355268","title":"Amazon Linux Security Advisory for xmlsec1 : ALAS2023-2023-097"},{"cve":"CVE-2022-40304","qid":"377762","title":"Apple MacOS Ventura 13.0.1 Not Installed (HT213504)"},{"cve":"CVE-2022-40304","qid":"377831","title":"Apple macOS Monterey 12.6.2 Not Installed (HT213533)"},{"cve":"CVE-2022-40304","qid":"377832","title":"Apple macOS Big Sur 11.7.2 Not Installed (HT213534)"},{"cve":"CVE-2022-40304","qid":"377902","title":"Alibaba Cloud Linux Security Update for libxml2 (ALINUX3-SA-2023:0008)"},{"cve":"CVE-2022-40304","qid":"378433","title":"Oracle Hypertext Transfer Protocol Server (HTTP Server) Server Multiple Vulnerabilities (CPUAPR2023)"},{"cve":"CVE-2022-40304","qid":"378599","title":"Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)"},{"cve":"CVE-2022-40304","qid":"502547","title":"Alpine Linux Security Update for libxml2"},{"cve":"CVE-2022-40304","qid":"502741","title":"Alpine Linux Security Update for libxml2"},{"cve":"CVE-2022-40304","qid":"610450","title":"Apple iOS 16.1.1 and iPadOS 16.1.1 Security Update Missing"},{"cve":"CVE-2022-40304","qid":"610455","title":"Apple iOS 15.7.2 and iPadOS 15.7.2 Security Update Missing"},{"cve":"CVE-2022-40304","qid":"672422","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2022-2800)"},{"cve":"CVE-2022-40304","qid":"672493","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1016)"},{"cve":"CVE-2022-40304","qid":"672514","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1041)"},{"cve":"CVE-2022-40304","qid":"672550","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1130)"},{"cve":"CVE-2022-40304","qid":"672571","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1106)"},{"cve":"CVE-2022-40304","qid":"672616","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1393)"},{"cve":"CVE-2022-40304","qid":"672665","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1365)"},{"cve":"CVE-2022-40304","qid":"672769","title":"EulerOS Security Update for libxml2 (EulerOS-SA-2023-1510)"},{"cve":"CVE-2022-40304","qid":"710675","title":"Gentoo Linux libxml2 Multiple Vulnerabilities (GLSA 202210-39)"},{"cve":"CVE-2022-40304","qid":"752695","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3692-1)"},{"cve":"CVE-2022-40304","qid":"752722","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3717-1)"},{"cve":"CVE-2022-40304","qid":"752764","title":"SUSE Enterprise Linux Security Update for libxml2 (SUSE-SU-2022:3871-1)"},{"cve":"CVE-2022-40304","qid":"904575","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11505)"},{"cve":"CVE-2022-40304","qid":"904587","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11500)"},{"cve":"CVE-2022-40304","qid":"904623","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11505-1)"},{"cve":"CVE-2022-40304","qid":"904631","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for libxml2 (11500-1)"},{"cve":"CVE-2022-40304","qid":"940884","title":"AlmaLinux Security Update for libxml2 (ALSA-2023:0173)"},{"cve":"CVE-2022-40304","qid":"940901","title":"AlmaLinux Security Update for libxml2 (ALSA-2023:0338)"},{"cve":"CVE-2022-40304","qid":"960535","title":"Rocky Linux Security Update for libxml2 (RLSA-2023:0173)"},{"cve":"CVE-2022-40304","qid":"960547","title":"Rocky Linux Security Update for libxml2 (RLSA-2023:0338)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-40304","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags","refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags"},{"refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3"},{"refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b","url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20221209-0003/","url":"https://security.netapp.com/advisory/ntap-20221209-0003/"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213534","url":"https://support.apple.com/kb/HT213534"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213533","url":"https://support.apple.com/kb/HT213533"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213531","url":"https://support.apple.com/kb/HT213531"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213536","url":"https://support.apple.com/kb/HT213536"},{"refsource":"CONFIRM","name":"https://support.apple.com/kb/HT213535","url":"https://support.apple.com/kb/HT213535"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2","url":"http://seclists.org/fulldisclosure/2022/Dec/21"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2","url":"http://seclists.org/fulldisclosure/2022/Dec/25"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-7 tvOS 16.2","url":"http://seclists.org/fulldisclosure/2022/Dec/26"},{"refsource":"FULLDISC","name":"20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2","url":"http://seclists.org/fulldisclosure/2022/Dec/24"}]}},"nvd":{"publishedDate":"2022-11-23 18:15:00","lastModifiedDate":"2023-11-07 03:52:00","problem_types":["CWE-415"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","versionEndExcluding":"2.10.3","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0","versionEndExcluding":"11.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","versionEndExcluding":"9.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","versionEndExcluding":"16.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","versionEndExcluding":"15.7.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.6.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}