AVG-2726 log

Package libxml2
Status Fixed
Severity High
Type arbitrary code execution
Affected 2.9.13-1
Fixed 2.9.14-1
Current 2.13.5-2 [core]
Ticket None
Created Wed May 18 20:08:59 2022
Issue Severity Remote Type Description
CVE-2022-29824 Medium Unknown Arbitrary code execution
Integer overflow in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory writes exploitable when parsing crafted multi- gigabyte xml files.
CVE-2022-23308 High Unknown Arbitrary code execution
Use-after-free of ID and IDREF attributes in valid.c