CVE-2022-29824 - log back

CVE-2022-29824 edited at 18 May 2022 20:17:36
Severity
- Unknown
+ Medium
Type
- Unknown
+ Arbitrary code execution
Description
+ Integer overflow in xmlBuf (buf.c) and xmlBuffer (tree.c) can lead to out-of-bounds memory writes exploitable when parsing crafted multi-gigabyte xml files.
References
+ https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
+ https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
+ https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
Notes
CVE-2022-29824 created at 18 May 2022 20:08:59