AVG-2726 log
Package | libxml2 |
Status | Fixed |
Severity | High |
Type | arbitrary code execution |
Affected | 2.9.13-1 |
Fixed | 2.9.14-1 |
Current | 2.13.5-2 [core] |
Ticket | None |
Created | Wed May 18 20:08:59 2022 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2022-29824 | Medium | Unknown | Arbitrary code execution | Integer overflow in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory writes exploitable when parsing crafted multi- gigabyte xml files. |
CVE-2022-23308 | High | Unknown | Arbitrary code execution | Use-after-free of ID and IDREF attributes in valid.c |