API Security Blog

K000139594 : libxml2 vulnerability CVE-2022-40304

Security Advisory Description

An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. (CVE-2022-40304)

Impact

This vulnerability allows a remote (or local in the case of Traffix), unauthenticated attacker to cause memory corruption that can lead to access to restricted information, data modification, or a denial-of-service (DoS) on the affected F5 products. There is both control plane and data plane…
