admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-403xx/CVE-2022-40303.json
cad-safe-bot b47d02a333 Auto-Update: 2023-11-07T21:02:52.274489+00:00
2023-11-07 21:03:21 +00:00

390 lines
11 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-40303",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-11-23T00:15:11.007",
"lastModified": "2023-11-07T03:52:15.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en libxml2 antes de la versi\u00f3n 2.10.3. Al analizar un documento XML de varios gigabytes con la opci\u00f3n de analizador XML_PARSE_HUGE habilitada, varios contadores de enteros pueden desbordarse. Esto da como resultado un intento de acceder a una matriz con un desplazamiento negativo de 2 GB, lo que normalmente provoca un error de segmentaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10.3",
"matchCriteriaId": "4A677043-FA7F-4C59-B1E4-242ABBA60ED7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "E8F29E19-3A64-4426-A2AA-F169440267CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62347994-1353-497C-9C4A-D5D8D95F67E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:netapp_manageability_sdk:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F88BEC4-2725-4666-ADA5-BFD8AC1F6575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:hyper-v:*:*",
"matchCriteriaId": "80774A35-B0B8-4F9C-99CA-23849978D158"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.2",
"matchCriteriaId": "C5892A8E-3D71-4ED7-ABFC-973DE74C2AD7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.2",
"matchCriteriaId": "2B03CFDD-AC66-4B07-A8CB-E026FCB8A1AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.2",
"matchCriteriaId": "5867A268-292B-4DB2-8CA7-DE06D7125E2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.2",
"matchCriteriaId": "3E5F532D-8E16-48F4-8612-4D51D1BD38FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.2",
"matchCriteriaId": "400AD564-BDEC-4C81-B650-56357BEBF0C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2",
"matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/21",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/24",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/25",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/26",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20221209-0003/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213531",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213533",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213534",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213535",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213536",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink