VDB
GCVE-110-MAGEIA-2022-177
GCVE-110-MAGEIA-2022-177
Advisory Published
In libxml2 before 2.9.14, several buffer handling functions in buf.c
(xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This
can result in out-of-bounds memory writes. Exploitation requires a victim
to open a crafted, multi-gigabyte XML file. Other software using libxml2's
buffer functions, for example libxslt through 1.1.35, is affected as well.
(CVE-2022-29824)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | libxml2 | 0 (affected), 2.9.10-7.4.mga8 (unaffected) | — |
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.