{"id":"CLSA-2022-1670523520","summary":"libxml2: Fix of 2 CVEs","details":"- CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE\n- CVE-2022-40304: fix dict corruption caused by entity reference cycles","modified":"2026-05-27T11:18:29.400772852Z","published":"2022-12-08T18:18:40Z","upstream":["CVE-2022-40303","CVE-2022-40304"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.5-els/CLSA-2022-1670523520.html"}],"affected":[{"package":{"name":"libxml2","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/libxml2?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1670523520.json"}},{"package":{"name":"libxml2-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/libxml2-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1670523520.json"}},{"package":{"name":"libxml2-static","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/libxml2-static?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1670523520.json"}},{"package":{"name":"python3-libxml2","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/python3-libxml2?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1670523520.json"}}],"schema_version":"1.7.5"}