{"id":"CVE-2022-40304","details":"An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.","modified":"2026-04-16T04:35:13.634671942Z","published":"2022-11-23T18:15:12.167Z","related":["ALSA-2023:0173","ALSA-2023:0338","CGA-m6vr-gjjq-xqp7","SUSE-SU-2022:3692-1","SUSE-SU-2022:3717-1","SUSE-SU-2022:3871-1","openSUSE-SU-2024:12419-1"],"references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2022/Dec/27"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213535"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213536"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/Dec/21"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/Dec/24"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/Dec/26"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20221209-0003/"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213531"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2022/Dec/25"},{"type":"ADVISORY","url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213533"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT213534"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/libxml2","events":[{"introduced":"0"},{"fixed":"f507d167f1755b7eaea09fb1a44d29aab828b6d1"},{"fixed":"1b41ec4e9433b05bb0376be4725804c54ef1d80b"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.10.3"}]}}],"versions":["CVE-2013-2877","CVE-2014-0191","CVE-2014-3660","CVE-2015-1819","CVE-2015-5312","CVE-2015-7497","CVE-2015-7498","CVE-2015-7499-1","CVE-2015-7499-2","CVE-2015-7500","CVE-2015-7941_1","CVE-2015-7941_2","CVE-2015-7942","CVE-2015-7942-2","CVE-2015-8035","CVE-2015-8242","CVE-2015-8317","CVE-2016-1762","CVE-2016-1833","CVE-2016-1834","CVE-2016-1835","CVE-2016-1836","CVE-2016-1837","CVE-2016-1838","CVE-2016-1839","CVE-2016-1840","CVE-2016-3627","CVE-2016-3705","CVE-2016-4449","CVE-2016-4483","CVE-2021-3541","EAZEL-NAUTILUS-MS-AUG07","FOR_GNOME_0_99_1","GNOME_0_30","GNOME_PRINT_0_24","GNUMERIC_FIRST_PUBLIC_RELEASE","LIBXML2.6.32","LIBXML2.7.0","LIBXML2.7.1","LIBXML2.7.2","LIBXML2.7.3","LIBXML2_2_4_21","LIBXML2_2_5_0","LIBXML2_2_5_10","LIBXML2_2_5_7","LIBXML2_2_5_8","LIBXML2_2_5_9","LIBXML2_2_5_x","LIBXML2_2_6_1","LIBXML2_2_6_11","LIBXML2_2_6_12","LIBXML2_2_6_13","LIBXML2_2_6_14","LIBXML2_2_6_15","LIBXML2_2_6_16","LIBXML2_2_6_18","LIBXML2_2_6_19","LIBXML2_2_6_2","LIBXML2_2_6_20","LIBXML2_2_6_21","LIBXML2_2_6_22","LIBXML2_2_6_23","LIBXML2_2_6_24","LIBXML2_2_6_26","LIBXML2_2_6_27","LIBXML2_2_6_28","LIBXML2_2_6_3","LIBXML2_2_6_4","LIBXML2_2_6_5","LIBXML2_2_6_6","LIBXML2_2_6_7","LIBXML2_2_6_8","LIBXML2_2_6_9","LIBXML2_6_0","LIBXML_0_99","LIBXML_1_5_0","LIBXML_1_8_5","LIBXML_1_8_6","LIBXML_2_0_0","LIBXML_2_1_0","LIBXML_2_1_1","LIBXML_2_2_1","LIBXML_2_2_3","LIBXML_2_2_4","LIBXML_2_2_6","LIBXML_2_2_7","LIBXML_2_2_8","LIBXML_2_3_0","LIBXML_2_3_10","LIBXML_2_3_11","LIBXML_2_3_12","LIBXML_2_3_13","LIBXML_2_3_14","LIBXML_2_3_2","LIBXML_2_3_3","LIBXML_2_3_4","LIBXML_2_3_5","LIBXML_2_3_6","LIBXML_2_3_7","LIBXML_2_3_8","LIBXML_2_3_9","LIBXML_2_4_0","LIBXML_2_4_11","LIBXML_2_4_12","LIBXML_2_4_13","LIBXML_2_4_14","LIBXML_2_4_16","LIBXML_2_4_18","LIBXML_2_4_2","LIBXML_2_4_20","LIBXML_2_4_22","LIBXML_2_4_23","LIBXML_2_4_24","LIBXML_2_4_25","LIBXML_2_4_26","LIBXML_2_4_27","LIBXML_2_4_29","LIBXML_2_4_3","LIBXML_2_4_30","LIBXML_2_4_4","LIBXML_2_4_6","LIBXML_2_4_7","LIBXML_2_5_1","LIBXML_2_5_2","LIBXML_2_5_3","LIBXML_2_5_4","LIBXML_2_5_5","LIBXML_2_5_6","LIBXML_2_6_10","LIBXML_TEST_2_0_0","LIB_XML_1_1","LIB_XML_1_3","LIB_XML_1_4","LIB_XML_1_6_1","LIB_XML_1_6_2","LIB_XML_1_7_0","LIB_XML_1_7_1","LIB_XML_1_7_3","LIB_XML_1_8_3","LIB_XML_1_X","PRE_MUCKUP","PRE_MUCKUP2","PRE_MUCKUP3","help","v2.10.0","v2.10.1","v2.10.2","v2.7.4","v2.7.5","v2.7.6","v2.7.7","v2.7.8","v2.8.0","v2.8.0-rc1","v2.8.0-rc2","v2.9.0","v2.9.0-rc2","v2.9.1","v2.9.10","v2.9.10-rc1","v2.9.11","v2.9.12","v2.9.13","v2.9.2","v2.9.2-rc1","v2.9.2-rc2","v2.9.3","v2.9.4","v2.9.4-rc1","v2.9.4-rc2","v2.9.5","v2.9.5-rc1","v2.9.5-rc2","v2.9.6","v2.9.6-rc1","v2.9.7","v2.9.7-rc1","v2.9.8","v2.9.8-rc1","v2.9.9","v2.9.9-rc1","v2.9.9-rc2"],"database_specific":{"vanir_signatures_modified":"2026-04-12T01:27:59Z","vanir_signatures":[{"signature_version":"v1","source":"https://gitlab.gnome.org/GNOME/libxml2@1b41ec4e9433b05bb0376be4725804c54ef1d80b","target":{"file":"entities.c","function":"xmlFreeEntity"},"deprecated":false,"signature_type":"Function","digest":{"length":1518,"function_hash":"212469072739278288309289786806033539927"},"id":"CVE-2022-40304-376b1588"},{"signature_version":"v1","source":"https://gitlab.gnome.org/GNOME/libxml2@1b41ec4e9433b05bb0376be4725804c54ef1d80b","target":{"file":"entities.c"},"deprecated":false,"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["190634309909365081572002964407253390679","20981680598902946597459201174086077651","135843228308911638673221580279593924552","271415920501539270409818771333293193896","186202718443874429665500032856239860646","32088003333689128658313958731218420663","44854604637128393226590259948466683756","83584544373375457504351447727436542090","22139364655739247051689193855732986544","208674971791359833230249325535172527155","266066056691113486615055456167162324174","313341472861122787965230127183017085052","127246761576932228108426114084403362830","78839942765528730925746383588030003090","236478687228405542599739329630909915056","245905885476591261846000206262995077905","337884462249140212206220716934032023572","200369385658860404298075823919733363331","34954884922395009518202216480267812096","77337070722703062369588001713270798945","242458885784932244582738195390255882943","81302689171149179324244108486628716980","221227936269076106976937737383859706862","263301782477819491026734216585822386774","302177671052737766655115027868189079618","201536121183659372662912577180426576551","188721642947628140206203838293447428215","138533467519930953247435247287428716584","108601975786066442389999829442449230000","231141905344525440643245490934281708454","124281652967162078265088719179719004604","296716198641811836580688440062790141425","106652085057826332825731245215327335082","84797466063776963283596362932182636183","305642424639555715981956811880573835991","326594552024490137922567897574735822816","120050400841177294112893518169352104865","163012958334194570575329210130758997215","62991651390362493403073226293187881788","156277527602119723146761073091882877465","258254701040536153668645260100060120855","46763122142022486641542133773457232365","275348114928367355877731400569713379273","267821946119455383337763212212522317663","143641219971710333464881101828664565438","187283542437493006705000548602924845765","321856565995081156862682941697761830569","36512508789285488580383488773230505393"]},"id":"CVE-2022-40304-656d1bff"},{"source":"https://gitlab.gnome.org/GNOME/libxml2@1b41ec4e9433b05bb0376be4725804c54ef1d80b","id":"CVE-2022-40304-96df7d08","target":{"file":"entities.c","function":"xmlCreateEntity"},"deprecated":false,"signature_type":"Function","digest":{"length":1174,"function_hash":"8557866305532818140713559980477253807"},"signature_version":"v1"}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"15.7.2"}]},{"events":[{"introduced":"0"},{"fixed":"15.7.2"}]},{"events":[{"introduced":"11.0"},{"fixed":"11.7.2"}]},{"events":[{"introduced":"12.0"},{"fixed":"12.6.2"}]},{"events":[{"introduced":"0"},{"fixed":"16.2"}]},{"events":[{"introduced":"0"},{"fixed":"9.2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-40304.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}