CVE-2022-29824

Source
Severity: Medium
Remote: Unknown
Type: Arbitrary code execution
Description
Integer overflows in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory writes. They are exploitable when parsing crafted multi-gigabyte XML files.
Group    | Package | Affected | Fixed    | Severity | Status | Ticket
AVG-2726 | libxml2 | 2.9.13-1 | 2.9.14-1 | High     | Fixed  |
References
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd