Product:

Libxml2

(Xmlsoft)
Repositories https://github.com/GNOME/libxml2
#Vulnerabilities 90
Date Id Summary Products Score Patch Annotated
2022-02-26 CVE-2022-23308 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. Ipados, Iphone_os, Mac_os_x, Macos, Tvos, Watchos, Debian_linux, Fedora, Active_iq_unified_manager, Bootstrap_os, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Manageability_software_development_kit, Ontap_select_deploy_administration_utility, Smi\-S_provider, Snapdrive, Snapmanager, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_function_cloud_native_environment, Communications_cloud_native_core_network_repository_function, Communications_cloud_native_core_network_slice_selection_function, Communications_cloud_native_core_unified_data_repository, Mysql_workbench, Zfs_storage_appliance_kit, Libxml2 7.5
2022-11-23 CVE-2022-40303 An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. Ipados, Iphone_os, Macos, Tvos, Watchos, Active_iq_unified_manager, Clustered_data_ontap, Clustered_data_ontap_antivirus_connector, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Netapp_manageability_sdk, Ontap_select_deploy_administration_utility, Snapmanager, Libxml2 7.5