Podatność CVE-2022-40303


Publikacja: 2022-11-23

Opis:
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Med.
libxml2 xmlParseNameComplex Integer Overflow
Google Security ...
15.11.2022

Typ:

CWE-189

(Numeric Errors)

 Referencje:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3

Copyright 2024, cxsecurity.com

 

Back to Top