CVE-2022-40303
Published 2022-11-23
Priority: P2 · 76 · high · CVSS 3.1: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ITW: VulnCheck KEV
Exploited in the wild
EPSS: 22.79% (97.4th percentile)
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_15.7.2_and_ipados | — | — |
| apple | ios_16.1.1_and_ipados | — | — |
| apple | ipados | < 15.7.2 | 15.7.2 |
| apple | iphone_os | < 15.7.2 | 15.7.2 |
| apple | macos | >= 11.0 < 11.7.2 | 11.7.2 |
| apple | macos | >= 12.0 < 12.6.2 | 12.6.2 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 16.2 | 16.2 |
| apple | tvos16.2 | — | — |
| apple | watchos | < 9.2 | 9.2 |
| apple | watchos | — | — |
| debian | libxml2 | < libxml2 2.9.14+dfsg-1.1 (bookworm) | libxml2 2.9.14+dfsg-1.1 (bookworm) |
| gnu | inetutils | >= 0 < 2:1.9.4-11ubuntu0.2 | 2:1.9.4-11ubuntu0.2 |
| gnu | inetutils | >= 0 < 2:2.2-2ubuntu0.1 | 2:2.2-2ubuntu0.1 |
| gnu | inetutils | >= 0 < 2:1.9.2-1ubuntu0.1~esm2 | 2:1.9.2-1ubuntu0.1~esm2 |
| gnu | inetutils | >= 0 < 2:1.9.4-1ubuntu0.1~esm3 | 2:1.9.4-1ubuntu0.1~esm3 |
| gnu | inetutils | >= 0 < 2:1.9.4-3ubuntu0.1+esm2 | 2:1.9.4-3ubuntu0.1+esm2 |
| msrc | cbl2_libxml2_2.10.3-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_libxml2_2.9.14-3_on_cbl_mariner_1.0 | — | — |
| nokogiri | nokogiri | >= 0 < 1.13.9 | 1.13.9 |
| paloalto | pan-os | — | — |
| platform | external_libxml2 | >= 13:0 < 13:2023-03-01 | 13:2023-03-01 |
| xmlsoft | libxml2 | < 2.10.3 | 2.10.3 |
Detection & IOCs (extracted from sources)
- CVE-2022-40303 affects libxml2 before version 2.10.3; the trigger condition requires the XML_PARSE_HUGE parser option to be enabled when parsing a multi-gigabyte XML document, causing integer counter overflow and an array access at a negative 2GB offset.
- The vulnerability is an integer overflow in libxml2 XML parsing; detection should focus on anomalously large XML documents submitted to applications using libxml2 with XML_PARSE_HUGE enabled.
- Apple patched CVE-2022-40303 in iOS 16.1.1 and iPadOS 16.1.1; unpatched Apple devices running iOS prior to 16.1.1 are vulnerable to remote-triggered unexpected app termination or arbitrary code execution via crafted XML.
- libxml2 incorrectly handled certain XML files, leading to sensitive information exposure or a crash; monitor for crashes or unexpected terminations in applications parsing XML with libxml2 < 2.10.3.
- The integer overflow vulnerability is only triggerable when the XML_PARSE_HUGE parser option is explicitly enabled; applications not using this flag are not directly vulnerable via this specific code path.
- Apple's tvOS 16.2 advisory attributes a different impact (Pointer Authentication bypass with arbitrary read/write) and a different component (Kernel) to the same CVE number, suggesting Apple may have reused the CVE identifier for a distinct issue; analysts should verify the correct scope when applying detections across Apple platforms.
CVSS provenance
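| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| ghsa | | 7.5 | HIGH | |
| osv | | 7.8 | HIGH | |
| vulncheck | | 7.5 | HIGH | |
| vendor_debian | | 7.5 | HIGH | |
| vendor_msrc | | 7.5 | HIGH | |
| vendor_redhat | | 7.5 | HIGH | |
| vendor_ubuntu | | 7.5 | HIGH | |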
OSV
inetutils vulnerabilities
osv·2025-09-28·CVSS 7.8
CVE-2019-0053 inetutils vulnerabilities
Matthew Hickey discovered that Inetutils did not correctly handle certain
escape characters. An attacker could possibly use this issue to cause a
denial of service. (CVE-2019-0053)
It was discovered that Inetutils did not correctly handle certain memory
operations. An attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-10188)
It was discovered that Inetutils did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial of
service. (CVE-2022-39028)
It was discovered that Inetutils did not check the return values of set*id
functions. An attacker could possibly use this issue to escalate their
privileges. (CVE-2023-40303)
OSV
inetutils vulnerabilities
osv·2023-08-22·CVSS 7.5
CVE-2022-39028 inetutils vulnerabilities
It was discovered that telnetd in GNU Inetutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash. This issue
only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (CVE-2022-39028)
It was discovered that Inetutils incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information,
or execute arbitrary code.
(CVE-2023-40303)
OSV
CVE-2022-40303: In multiple functions of parser
osv·2023-03-01
CVE-2022-40303 CVE-2022-40303: In multiple functions of parser
In multiple functions of parser.c, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
libxml2 vulnerabilities
osv·2022-12-05·CVSS 7.5
CVE-2022-40303 [HIGH] libxml2 vulnerabilities
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
OSV
libxml2 vulnerabilities
osv·2022-12-05·CVSS 7.5
CVE-2022-2309 [HIGH] libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
GHSA
GHSA-94m8-rgr8-rg5g: An issue was discovered in libxml2 before 2
ghsa_unreviewed·2022-11-23
CVE-2022-40303 [HIGH] CWE-190 GHSA-94m8-rgr8-rg5g: An issue was discovered in libxml2 before 2
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
OSV
CVE-2022-40303: An issue was discovered in libxml2 before 2
osv·2022-11-23·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: An issue was discovered in libxml2 before 2
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
OSV
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
osv·2022-10-18·CVSS 7.5
CVE-2022-2309 [HIGH] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
### Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to [v2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.3) from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:
- [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309)
- [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304)
- [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303)
Please note that this advisory only applies to the CRuby implementation of Nokogiri `< 1.13.9`.
Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 `>= 2.10.3` which will also address these same issues.
GHSA
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
ghsa·2022-10-18·CVSS 7.5
CVE-2022-2309 [HIGH] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
### Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to [v2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.3) from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:
- [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309)
- [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304)
- [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303)
Please note that this advisory only applies to the CRuby implementation of Nokogiri `< 1.13.9`.
Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 `>= 2.10.3` which will also address these same issues.
VulnCheck
xmlsoft libxml2 Integer Overflow or Wraparound
vulncheck·2022·CVSS 7.5
CVE-2022-40303 [HIGH] xmlsoft libxml2 Integer Overflow or Wraparound
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Affected: xmlsoft libxml2
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://support.apple.com/kb/HT213531
Ubuntu
Nokogiri vulnerabilities
vendor_ubuntu·2025-07-21·CVSS 2.6
CVE-2022-40303 [LOW] Nokogiri vulnerabilities
Title: Nokogiri vulnerabilities
Summary: Several security issues were fixed in Nokogiri.
It was discovered Nokogiri did not correctly parse XML Schemas.
If a user or automated system were tricked into opening a specially
crafted file, an attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-26247)
Agustin Gianni discovered that Nokogiri did not correctly parse
XML and HTML files. If a user or automated system were tricked into
opening a specially crafted file, an attacker could possibly use this
issue to cause a denial of service or leak sensitive information.
(CVE-2022-29181)
Instructions: In general, a standard system update will make all the necessary changes.
CISA ICS
Siemens SCALANCE W700
cisa_ics·2025-02-13
Siemens SCALANCE W700
ICS Advisory
## Siemens SCALANCE W700
Release Date: February 13, 2025
Alert Code: ICSA-25-044-09
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE W700
- Vulnerabilities: Double Free, Improper Restriction of Communication Channel to Intended Endpoints, Improper Resource Sh
Palo Alto
PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2025-02-12·CVSS 7.1
CVE-2015-5312 [HIGH] PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2015-5312, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4738, CVE-2018-1111, CVE-2018-14634, CVE-2018-18653, CVE-2019-0145, CVE-2019-8331, CVE-2020-0599, CVE-2020-14343, CVE-2020-14779, CVE-2020-27844, CVE-2020-29569, CVE-2021-21315, CVE-2021-27853, CVE-2021-27854, CVE-2021-27861, CVE-2021-27862, CVE-2021-3618, CVE-2021-3711, CVE-2022-2097, CVE-2022-22816, CVE-2022-40303, CVE-2022-41723, CVE-2022-41741, CVE-2022-41742, CVE-2023-3247, CVE-2023-38408, CVE-2023-44466, CVE-2023-50781, CVE-2023-50782, CVE-2024-12084, CV
CISA ICS
Siemens SIMATIC and SIPLUS
cisa_ics·2024-06-13
Siemens SIMATIC and SIPLUS
ICS Advisory
## Siemens SIMATIC and SIPLUS
Release Date: June 13, 2024
Alert Code: ICSA-24-165-10
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Bu
CISA ICS
Siemens ST7 ScadaConnect
cisa_ics·2024-06-13·CVSS 7.5
[HIGH] Siemens ST7 ScadaConnect
ICS Advisory
## Siemens ST7 ScadaConnect
Release Date: June 13, 2024
Alert Code: ICSA-24-165-04
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: ST7 ScadaConnect
- Vulnerabilities: Integer Overflow or Wraparound, Double Free, Improper Certificate Validation, Inefficient Regular Ex
CISA ICS
Siemens TIM 1531 IRC
cisa_ics·2024-06-13·CVSS 5.5
[MEDIUM] Siemens TIM 1531 IRC
ICS Advisory
## Siemens TIM 1531 IRC
Release Date: June 13, 2024
Alert Code: ICSA-24-165-06
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIPLUS TIM 1531 IRC
- Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Inadequate Encryption Strength, Double Free, Missing
CISA ICS
Siemens Telecontrol Server Basic
cisa_ics·2024-04-11
Siemens Telecontrol Server Basic
ICS Advisory
## Siemens Telecontrol Server Basic
Release Date: April 11, 2024
Alert Code: ICSA-24-102-08
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Telecontrol Server Basic
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Integer Overflow or Wraparound, External Control of File Name or Path, Path Traversal, Improper Input Validation, Missing Encry
Apple
CVE-2022-40303: tvOS16.2
vendor_apple·2022-12-13·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: tvOS16.2
Apple Security Update: About the security content of tvOS16.2
Product: tvOS16.2
CVE: CVE-2022-40303
Component: Kernel
Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
Description: The issue was addressed with improved checks.
Apple
CVE-2022-40303: macOS Monterey 12.6.2
vendor_apple·2022-12-13·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: macOS Monterey 12.6.2
Apple Security Update: About the security content of macOS Monterey 12.6.2
Product: macOS Monterey
Version: 12.6.2
CVE: CVE-2022-40303
Component: Kernel
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
Apple
CVE-2022-40303: macOS Big Sur 11.7.2
vendor_apple·2022-12-13·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: macOS Big Sur 11.7.2
Apple Security Update: About the security content of macOS Big Sur 11.7.2
Product: macOS Big Sur
Version: 11.7.2
CVE: CVE-2022-40303
Component: Kernel
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
Apple
CVE-2022-40303: watchOS 9.2
vendor_apple·2022-12-13·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: watchOS 9.2
Apple Security Update: About the security content of watchOS 9.2
Product: watchOS
Version: 9.2
CVE: CVE-2022-40303
Component: Kernel
Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
Description: The issue was addressed with improved checks.
Apple
CVE-2022-40303: iOS 15.7.2 and iPadOS 15.7.2
vendor_apple·2022-12-13·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: iOS 15.7.2 and iPadOS 15.7.2
Apple Security Update: About the security content of iOS 15.7.2 and iPadOS 15.7.2
Product: iOS 15.7.2 and iPadOS
Version: 15.7.2
CVE: CVE-2022-40303
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2022-12-05·CVSS 7.5
CVE-2022-40304 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2022-12-05·CVSS 7.5
CVE-2022-40304 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Instructions: In general, a standard system update will make all the necessary changes.
Apple
CVE-2022-40303: iOS 16.1.1 and iPadOS 16.1.1
vendor_apple·2022-11-09·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: iOS 16.1.1 and iPadOS 16.1.1
Apple Security Update: About the security content of iOS 16.1.1 and iPadOS 16.1.1
Product: iOS 16.1.1 and iPadOS
Version: 16.1.1
CVE: CVE-2022-40303
Component: About Apple security updates
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed through improved input validation.
Apple
CVE-2022-40303: macOS Ventura 13.0.1
vendor_apple·2022-11-09·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: macOS Ventura 13.0.1
Apple Security Update: About the security content of macOS Ventura 13.0.1
Product: macOS Ventura
Version: 13.0.1
CVE: CVE-2022-40303
Component: About Apple security updates
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed through improved input validation.
Microsoft
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled several integer counters can overflow. This results in an att
vendor_msrc·2022-11-08·CVSS 7.5
CVE-2022-40303 [HIGH] CWE-190 An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled several integer counters can overflow. This results in an att
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset typically leading to a segmentation fault.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog po
Red Hat
libxml2: integer overflows with XML_PARSE_HUGE
vendor_redhat·2022-10-14·CVSS 7.5
CVE-2022-40303 [HIGH] CWE-190 libxml2: integer overflows with XML_PARSE_HUGE
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation.
Statement: This flaw is only triggered when parsing a multi-gigabyte XML document with the XML_PARSE_HUGE option enabled, and the most likely impact of this flaw is a Denial of Service in the application
Debian
CVE-2022-40303: libxml2 - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte ...
vendor_debian·2022·CVSS 7.5
CVE-2022-40303 [HIGH] CVE-2022-40303: libxml2 - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte ...
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
Scope: local
bookworm: resolved (fixed in 2.9.14+dfsg-1.1)
bullseye: resolved (fixed in 2.9.10+dfsg-6.7+deb11u3)
forky: resolved (fixed in 2.9.14+dfsg-1.1)
sid: resolved (fixed in 2.9.14+dfsg-1.1)
trixie: resolved (fixed in 2.9.14+dfsg-1.1)
No detection rules found.
No public exploits indexed.
Checkpoint
14th November– Threat Intelligence Report
blogs_checkpoint·2022-11-14
CVE-2022-20465 14th November– Threat Intelligence Report
## 14th November – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 14th November, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
The Australian Federal Police has disclosed that the hacking group responsible for the massive Medibank hack that compromised the personal information of 9.7 million customers is based in Russia. The group’s identity was not yet published.
Black Basta ransomware group has launched a cyberattack against Canadian grocery
Checkpoint
14th November– Threat Intelligence Report
blogs_checkpoint·2022-11-14
CVE-2022-20465 14th November– Threat Intelligence Report
Top Attacks and Breaches
The Australian Federal Police has disclosed that the hacking group responsible for the massive Medibank hack that compromised the personal information of 9.7 million customers is based in Russia. The group’s identity was not yet published.
Black Basta ransomware group has launched a cyberattack against Canadian grocery and pharmacy chain store Sobeys, impacting some of the company’s in-store services and operations.
Check Point Harmony Endpoint and Threat Emulation provide protection against this threat (Banker.Wins.Carbanak.*; Ransomware.Win.BlackBasta.*)
Security Researchers have disclosed two new surveillance campaigns targeting Uyghurs in the People’s Republic of China and abroad with BadBazaar and MOONSHINE spyware.
Threat actors are mass spreading scam e
References
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/27
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536