VDB

GCVE-110-MAGEIA-2022-177

GCVE-110-MAGEIA-2022-177
Advisory Published
Vulnetix · Advisory published May 12, 2022
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)

Affected Products

VendorProductVersionsPlatforms
Mageialibxml20 (affected), 2.9.10-7.4.mga8 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›