{"id":"CVE-2022-29824","details":"In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.","modified":"2026-04-10T15:07:23.965524Z","published":"2022-05-03T03:15:06.687Z","related":["MGASA-2022-0177","SUSE-SU-2022:1750-1","SUSE-SU-2022:1833-1","SUSE-SU-2022:2552-1","SUSE-SU-2023:2048-1","openSUSE-SU-2024:12043-1","openSUSE-SU-2024:12085-1","openSUSE-SU-2024:13165-1","openSUSE-SU-2024:14174-1","openSUSE-SU-2025:14697-1","openSUSE-SU-2026:10356-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P5363EDV5VHZ5C77ODA43RYDCPMA7ARM/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3NVZVWFRBXBI3AKZZWUWY6INQQPQVSF/"},{"type":"ADVISORY","url":"https://gitlab.gnome.org/GNOME/libxslt/-/tags"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220715-0006/"},{"type":"ADVISORY","url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00023.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202210-03"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5142"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/167345/libxml2-xmlBufAdd-Heap-Buffer-Overflow.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/169825/libxml2-xmlParseNameComplex-Integer-Overflow.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/libxml2","events":[{"introduced":"0"},{"fixed":"7846b0a677f8d3ce72486125fa281e92ac9970e8"},{"fixed":"2554a2408e09f13652049e5ffb0d26196b02ebab"},{"fixed":"6c283d83eccd940bcde15634ac8c7f100e3caefd"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.9.14"}]}},{"type":"GIT","repo":"https://gitlab.gnome.org/GNOME/libxslt","events":[{"introduced":"0"},{"last_affected":"50af4e65da712ceb59f98a7feeeab2ddc3324ab9"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.1.35"}]}}],"versions":["1.1.23","1.1.24","CVE-2013-2877","CVE-2014-0191","CVE-2014-3660","CVE-2015-1819","CVE-2015-5312","CVE-2015-7497","CVE-2015-7498","CVE-2015-7499-1","CVE-2015-7499-2","CVE-2015-7500","CVE-2015-7941_1","CVE-2015-7941_2","CVE-2015-7942","CVE-2015-7942-2","CVE-2015-7995","CVE-2015-8035","CVE-2015-8242","CVE-2015-8317","CVE-2016-1762","CVE-2016-1833","CVE-2016-1834","CVE-2016-1835","CVE-2016-1836","CVE-2016-1837","CVE-2016-1838","CVE-2016-1839","CVE-2016-1840","CVE-2016-3627","CVE-2016-3705","CVE-2016-4449","CVE-2016-4483","CVE-2021-3541","EAZEL-NAUTILUS-MS-AUG07","FOR_GNOME_0_99_1","GNOME_0_30","GNOME_PRINT_0_24","GNUMERIC_FIRST_PUBLIC_RELEASE","LIBXML2.6.32","LIBXML2.7.0","LIBXML2.7.1","LIBXML2.7.2","LIBXML2.7.3","LIBXML2_2_4_21","LIBXML2_2_5_0","LIBXML2_2_5_10","LIBXML2_2_5_7","LIBXML2_2_5_8","LIBXML2_2_5_9","LIBXML2_2_5_x","LIBXML2_2_6_1","LIBXML2_2_6_11","LIBXML2_2_6_12","LIBXML2_2_6_13","LIBXML2_2_6_14","LIBXML2_2_6_15","LIBXML2_2_6_16","LIBXML2_2_6_18","LIBXML2_2_6_19","LIBXML2_2_6_2","LIBXML2_2_6_20","LIBXML2_2_6_21","LIBXML2_2_6_22","LIBXML2_2_6_23","LIBXML2_2_6_24","LIBXML2_2_6_26","LIBXML2_2_6_27","LIBXML2_2_6_28","LIBXML2_2_6_3","LIBXML2_2_6_4","LIBXML2_2_6_5","LIBXML2_2_6_6","LIBXML2_2_6_7","LIBXML2_2_6_8","LIBXML2_2_6_9","LIBXML2_6_0","LIBXML_0_99","LIBXML_1_5_0","LIBXML_1_8_5","LIBXML_1_8_6","LIBXML_2_0_0","LIBXML_2_1_0","LIBXML_2_1_1","LIBXML_2_2_1","LIBXML_2_2_3","LIBXML_2_2_4","LIBXML_2_2_6","LIBXML_2_2_7","LIBXML_2_2_8","LIBXML_2_3_0","LIBXML_2_3_10","LIBXML_2_3_11","LIBXML_2_3_12","LIBXML_2_3_13","LIBXML_2_3_14","LIBXML_2_3_2","LIBXML_2_3_3","LIBXML_2_3_4","LIBXML_2_3_5","LIBXML_2_3_6","LIBXML_2_3_7","LIBXML_2_3_8","LIBXML_2_3_9","LIBXML_2_4_0","LIBXML_2_4_11","LIBXML_2_4_12","LIBXML_2_4_13","LIBXML_2_4_14","LIBXML_2_4_16","LIBXML_2_4_18","LIBXML_2_4_2","LIBXML_2_4_20","LIBXML_2_4_22","LIBXML_2_4_23","LIBXML_2_4_24","LIBXML_2_4_25","LIBXML_2_4_26","LIBXML_2_4_27","LIBXML_2_4_29","LIBXML_2_4_3","LIBXML_2_4_30","LIBXML_2_4_4","LIBXML_2_4_6","LIBXML_2_4_7","LIBXML_2_5_1","LIBXML_2_5_2","LIBXML_2_5_3","LIBXML_2_5_4","LIBXML_2_5_5","LIBXML_2_5_6","LIBXML_2_6_10","LIBXML_TEST_2_0_0","LIBXSLT_0_0_0","LIBXSLT_0_10_0","LIBXSLT_0_11_0","LIBXSLT_0_12_0","LIBXSLT_0_13_0","LIBXSLT_0_14_0","LIBXSLT_0_1_0","LIBXSLT_0_3_0","LIBXSLT_0_4_0","LIBXSLT_0_6_0","LIBXSLT_0_7_0","LIBXSLT_0_8_0","LIBXSLT_0_9_0","LIBXSLT_1_0_0","LIBXSLT_1_0_10","LIBXSLT_1_0_11","LIBXSLT_1_0_12","LIBXSLT_1_0_13","LIBXSLT_1_0_14","LIBXSLT_1_0_16","LIBXSLT_1_0_17","LIBXSLT_1_0_18","LIBXSLT_1_0_19","LIBXSLT_1_0_2","LIBXSLT_1_0_20","LIBXSLT_1_0_21","LIBXSLT_1_0_22","LIBXSLT_1_0_23","LIBXSLT_1_0_24","LIBXSLT_1_0_25","LIBXSLT_1_0_26","LIBXSLT_1_0_27","LIBXSLT_1_0_28","LIBXSLT_1_0_29","LIBXSLT_1_0_3","LIBXSLT_1_0_30","LIBXSLT_1_0_31","LIBXSLT_1_0_32","LIBXSLT_1_0_33","LIBXSLT_1_0_4","LIBXSLT_1_0_5","LIBXSLT_1_0_6","LIBXSLT_1_0_7","LIBXSLT_1_0_8","LIBXSLT_1_0_9","LIBXSLT_1_1_0","LIBXSLT_1_1_1","LIBXSLT_1_1_10","LIBXSLT_1_1_11","LIBXSLT_1_1_12","LIBXSLT_1_1_13","LIBXSLT_1_1_14","LIBXSLT_1_1_15","LIBXSLT_1_1_16","LIBXSLT_1_1_17","LIBXSLT_1_1_18","LIBXSLT_1_1_2","LIBXSLT_1_1_21","LIBXSLT_1_1_22","LIBXSLT_1_1_3","LIBXSLT_1_1_4","LIBXSLT_1_1_5","LIBXSLT_1_1_6","LIBXSLT_1_1_7","LIBXSLT_1_1_8","LIBXSLT_1_1_9","LIB_XML_1_1","LIB_XML_1_3","LIB_XML_1_4","LIB_XML_1_6_1","LIB_XML_1_6_2","LIB_XML_1_7_0","LIB_XML_1_7_1","LIB_XML_1_7_3","LIB_XML_1_8_3","LIB_XML_1_X","LIXSLT_0_5_0","PRE_MUCKUP","PRE_MUCKUP2","PRE_MUCKUP3","help","v1.1.25","v1.1.26","v1.1.27","v1.1.27-rc1","v1.1.28","v1.1.29","v1.1.29-rc1","v1.1.29-rc2","v1.1.30","v1.1.30-rc1","v1.1.30-rc2","v1.1.31","v1.1.31-rc1","v1.1.31-rc2","v1.1.32","v1.1.32-rc1","v1.1.32-rc2","v1.1.33","v1.1.33-rc1","v1.1.33-rc2","v1.1.34","v1.1.34-rc2","v1.1.35","v2.7.4","v2.7.5","v2.7.6","v2.7.7","v2.7.8","v2.8.0","v2.8.0-rc1","v2.8.0-rc2","v2.9.0","v2.9.0-rc2","v2.9.1","v2.9.10","v2.9.10-rc1","v2.9.11","v2.9.12","v2.9.13","v2.9.2","v2.9.2-rc1","v2.9.2-rc2","v2.9.3","v2.9.4","v2.9.4-rc1","v2.9.4-rc2","v2.9.5","v2.9.5-rc1","v2.9.5-rc2","v2.9.6","v2.9.6-rc1","v2.9.7","v2.9.7-rc1","v2.9.8","v2.9.8-rc1","v2.9.9","v2.9.9-rc1","v2.9.9-rc2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29824.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.8"}]}],"vanir_signatures":[{"signature_type":"Function","id":"CVE-2022-29824-07a72990","digest":{"length":391,"function_hash":"115263354842861904442748132514723815592"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCreateStatic"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-10e231d6","digest":{"length":808,"function_hash":"75850300764543775076996218073100501490"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferAdd"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-130e8615","digest":{"length":1363,"function_hash":"58844807220583953519977966836648942135"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufGrowInternal"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2022-29824-2030b6a2","digest":{"threshold":0.9,"line_hashes":["166347249643066493482164082916768196209","188691293708940955113685691668323440391","43724771782081554494176458881448300061","329541917878089861333628355206373841292","244815610199557116003447537492418988037","140686149888498718352682001110293928195","146106074986306830291803050869321938522","302649483888263188516292074617914907785","326512487203366469745341770425483579598","99471222112658515431024737476116654868","293933881918316690407571828802499261839","212955913094921663464961580221405480340","260833132063199916061396082469494631228","563145196984672289991885340766921694","32824100409815381084192945656371530291","314453343157425636086878203536308303906","698068405543228949315139045334893123","118600870656940385459781550635123886114","270340679690179128994753399691279421786","26183435788473482089393976134697201388","281004840733422946454406306680650676791","316561384226399031813268865154692736373","97992013892078582400544259536764303412","1162479033526895615173863014037153558","220050959054061562763313704555696060290","73077681559562273397128705154712592178","229734987643969586507802206212902560208","321146100040694750670569673842329245472","259003298076650343194221306781819630314","208963989065717115771997796521043825385","69826210049579911544261058946047890233","252712773309582500429394977391673631876","162111704932719766527778773124917140644","28330267585813390556621014933110114238","184252951234454387491372882751654158787","101524419926075112169819048536445279992","222856578673771745252375797198236860644","42367945794127130229185010334900532173","168007625913870093211297660968928319053","129140094033548486519772814962332421811","197643393352493719603368801258740728242","148426172950277016519704492366555268245","9017577952774986457994686053509708575","120128024476881717726868872398102789021","162111704932719766527778773124917140644","28330267585813390556621014933110114238","128706768146980684009727114754490936966","282050926116276813422971100562048838966","185733559129862549706259877960102410911","257651541500714394835884747665347804718","314005034077235630998938419332007116091","223046297467060732280273520612925907729","9373473082227868337552830985122564197","246691431004006287082185432655182933721","125494467620307806474896423774992127073","155112725940892278797289588648459173779","290488032303260205569689376411713020503","93692528096573125077453216197077753382","162531107462827733444482690548862474293","320146427403264049983109414849766355169","41093209398700043461113339669438079716","248806804675953686317307435715043387525","124839663049236222337804488516657719906","281422489119680409661308498832714722939","317525451668299360050946602638864595270","76004674246076111263504267445220465515","333080562611234356508294531428907257609","183856726123885176230034482489754910788","121276464953041064409130541449682558256","262457651961160871347649868297942569406","204554871039360322594254126051197287412","59678033486978346872430658989464860271","70158614366306747252773121205281701501","267871884567140900541406032970430679572","210868542731533088872037717853278212299","54321272015591656966183131510267039353","300636302051406341579809817970758465970","114307351633580109942508704785606142065","149556561804967540010889167666222635","126102627799916820003257174205859902326","238433400840669369277909221182332471064","74789413078866356061854028644903100361","196541913226344732177528816320018744850","86953962388419755172552221437460305272","152325669878287980676385337838366917807","203014656296905257722134362817778307954"]},"deprecated":false,"target":{"file":"buf.c"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-28c9e8a7","digest":{"length":696,"function_hash":"279040109283899741761505529617154937844"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufCCat"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-2ed41fe7","digest":{"length":2135,"function_hash":"135818614898132221850781778317523237741"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufResize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-46619c61","digest":{"length":1943,"function_hash":"329490277066729456665976458093342219236"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferResize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2022-29824-5a249cd2","digest":{"threshold":0.9,"line_hashes":["89234444919432577874083340679230379303","102916874051844224561382165713321585742","77444374321772040333229124462046667657","51594386084393692917076001511541815740","59463072141900048719177539730091171494","108689423914536070173501179218123167571","73257213247763993533496237851287787992","319179439162218741642968220270175076963","75410353055119966637611836347710837355","195511418702759558878519149258289724254","156032590481637546762781245566563834651","320854918323617311581622545899598404078","91349951261779144057279149319065410150","158663398050629213416691233929022609351","148208200016623134163652184959082611648","293471043524232641750950816227232367738","237412170703058195350751846044492179660","224278012244390325805897710119544925701","34745244652274053591183604041289994350","271125935585698496011359420417760673031","157451063679879768666014837875398662660","270340679690179128994753399691279421786","26183435788473482089393976134697201388","281004840733422946454406306680650676791","213240285820731737198688037196362571039","59447953445665394779946557712932618998","59048698281438307454149500192640077533","253076007439031769530591964494115411109","98849895861139007217499264803420916664","15872212956386959690716862749437419510","190918742952094896940725673912074466236","184252951234454387491372882751654158787","101524419926075112169819048536445279992","222856578673771745252375797198236860644","42367945794127130229185010334900532173","128706768146980684009727114754490936966","282050926116276813422971100562048838966","185733559129862549706259877960102410911","257651541500714394835884747665347804718","125494467620307806474896423774992127073","155112725940892278797289588648459173779","144107424695018227823174500641865694158","329658310824477512673917223479332350792","253501362365362261838178308390829863618","56678892274578363022038299279641037568","296564371763363186997734581759769504997","256596168500450307178183219637948857331","175564203452412318719901373700835126771","259176317066360743309834788194017659032","93659423589605830448113090747279768550","333080562611234356508294531428907257609","200850415624474903331792716066178925196","154261872677536038005339415136814693187","173812770167697501499373364699710906939","261942566178772813330835626491318086275","59678033486978346872430658989464860271","70158614366306747252773121205281701501","99141068507978896108147016306824284849","155219244607257420645989994945934079615","196162282640393496862882995582389352198","42683212875386056739784628071452822463","333481168434121518198938619946845139099","149556561804967540010889167666222635","126102627799916820003257174205859902326","238433400840669369277909221182332471064","40321965259728005660230012201413574805","306161785279082629334097815571393141949","340162154322791126391395525942509696843","338612865929265833821176240781639632750"]},"deprecated":false,"target":{"file":"tree.c"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-625a6cd9","digest":{"length":1363,"function_hash":"58844807220583953519977966836648942135"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufGrowInternal"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-625bd4ae","digest":{"length":1943,"function_hash":"329490277066729456665976458093342219236"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferResize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-72f67acb","digest":{"length":573,"function_hash":"228242378662408118440566631650494500046"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCreateSize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-732cd543","digest":{"length":573,"function_hash":"228242378662408118440566631650494500046"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCreateSize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-79850ecb","digest":{"length":696,"function_hash":"279040109283899741761505529617154937844"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufCCat"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-7b6b880f","digest":{"length":618,"function_hash":"149293193283032866651839431809006417940"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCCat"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-7ea5224d","digest":{"length":953,"function_hash":"326780113895743950529385541417657705895"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferGrow"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-819588e8","digest":{"length":618,"function_hash":"149293193283032866651839431809006417940"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCCat"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-88c4fd17","digest":{"length":644,"function_hash":"32699890931358648660868097432135180665"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufCreateSize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-93722ae4","digest":{"length":1042,"function_hash":"128747764254328465175297106964046518678"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufAdd"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-a0a69c85","digest":{"length":391,"function_hash":"115263354842861904442748132514723815592"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferCreateStatic"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-b399b8a6","digest":{"length":953,"function_hash":"326780113895743950529385541417657705895"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferGrow"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2022-29824-cba6cf2b","digest":{"threshold":0.9,"line_hashes":["166347249643066493482164082916768196209","188691293708940955113685691668323440391","43724771782081554494176458881448300061","329541917878089861333628355206373841292","244815610199557116003447537492418988037","140686149888498718352682001110293928195","146106074986306830291803050869321938522","304819344165435105038768376251470155683","104375008876174573249014515538275853471","179362841185435024797489298248640554731","212955913094921663464961580221405480340","260833132063199916061396082469494631228","563145196984672289991885340766921694","32824100409815381084192945656371530291","314453343157425636086878203536308303906","698068405543228949315139045334893123","118600870656940385459781550635123886114","270340679690179128994753399691279421786","26183435788473482089393976134697201388","281004840733422946454406306680650676791","316561384226399031813268865154692736373","97992013892078582400544259536764303412","1162479033526895615173863014037153558","220050959054061562763313704555696060290","73077681559562273397128705154712592178","229734987643969586507802206212902560208","321146100040694750670569673842329245472","259003298076650343194221306781819630314","208963989065717115771997796521043825385","69826210049579911544261058946047890233","252712773309582500429394977391673631876","162111704932719766527778773124917140644","28330267585813390556621014933110114238","184252951234454387491372882751654158787","101524419926075112169819048536445279992","222856578673771745252375797198236860644","42367945794127130229185010334900532173","168007625913870093211297660968928319053","129140094033548486519772814962332421811","197643393352493719603368801258740728242","148426172950277016519704492366555268245","9017577952774986457994686053509708575","120128024476881717726868872398102789021","162111704932719766527778773124917140644","28330267585813390556621014933110114238","128706768146980684009727114754490936966","282050926116276813422971100562048838966","185733559129862549706259877960102410911","257651541500714394835884747665347804718","314005034077235630998938419332007116091","223046297467060732280273520612925907729","9373473082227868337552830985122564197","246691431004006287082185432655182933721","125494467620307806474896423774992127073","155112725940892278797289588648459173779","290488032303260205569689376411713020503","93692528096573125077453216197077753382","162531107462827733444482690548862474293","320146427403264049983109414849766355169","41093209398700043461113339669438079716","248806804675953686317307435715043387525","124839663049236222337804488516657719906","281422489119680409661308498832714722939","317525451668299360050946602638864595270","76004674246076111263504267445220465515","333080562611234356508294531428907257609","183856726123885176230034482489754910788","121276464953041064409130541449682558256","262457651961160871347649868297942569406","204554871039360322594254126051197287412","59678033486978346872430658989464860271","70158614366306747252773121205281701501","267871884567140900541406032970430679572","210868542731533088872037717853278212299","54321272015591656966183131510267039353","300636302051406341579809817970758465970","114307351633580109942508704785606142065","149556561804967540010889167666222635","126102627799916820003257174205859902326","238433400840669369277909221182332471064","74789413078866356061854028644903100361","196541913226344732177528816320018744850","86953962388419755172552221437460305272","152325669878287980676385337838366917807","203014656296905257722134362817778307954"]},"deprecated":false,"target":{"file":"buf.c"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Line","id":"CVE-2022-29824-d9730754","digest":{"threshold":0.9,"line_hashes":["89234444919432577874083340679230379303","102916874051844224561382165713321585742","77444374321772040333229124462046667657","51594386084393692917076001511541815740","59463072141900048719177539730091171494","108689423914536070173501179218123167571","73257213247763993533496237851287787992","319179439162218741642968220270175076963","75410353055119966637611836347710837355","195511418702759558878519149258289724254","156032590481637546762781245566563834651","320854918323617311581622545899598404078","91349951261779144057279149319065410150","158663398050629213416691233929022609351","148208200016623134163652184959082611648","293471043524232641750950816227232367738","237412170703058195350751846044492179660","224278012244390325805897710119544925701","34745244652274053591183604041289994350","271125935585698496011359420417760673031","157451063679879768666014837875398662660","270340679690179128994753399691279421786","26183435788473482089393976134697201388","281004840733422946454406306680650676791","213240285820731737198688037196362571039","59447953445665394779946557712932618998","59048698281438307454149500192640077533","253076007439031769530591964494115411109","98849895861139007217499264803420916664","15872212956386959690716862749437419510","190918742952094896940725673912074466236","184252951234454387491372882751654158787","101524419926075112169819048536445279992","222856578673771745252375797198236860644","42367945794127130229185010334900532173","128706768146980684009727114754490936966","282050926116276813422971100562048838966","185733559129862549706259877960102410911","257651541500714394835884747665347804718","125494467620307806474896423774992127073","155112725940892278797289588648459173779","144107424695018227823174500641865694158","329658310824477512673917223479332350792","253501362365362261838178308390829863618","56678892274578363022038299279641037568","296564371763363186997734581759769504997","256596168500450307178183219637948857331","175564203452412318719901373700835126771","259176317066360743309834788194017659032","93659423589605830448113090747279768550","333080562611234356508294531428907257609","200850415624474903331792716066178925196","154261872677536038005339415136814693187","173812770167697501499373364699710906939","261942566178772813330835626491318086275","59678033486978346872430658989464860271","70158614366306747252773121205281701501","99141068507978896108147016306824284849","155219244607257420645989994945934079615","196162282640393496862882995582389352198","42683212875386056739784628071452822463","333481168434121518198938619946845139099","149556561804967540010889167666222635","126102627799916820003257174205859902326","238433400840669369277909221182332471064","40321965259728005660230012201413574805","306161785279082629334097815571393141949","340162154322791126391395525942509696843","338612865929265833821176240781639632750"]},"deprecated":false,"target":{"file":"tree.c"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-e34d3b20","digest":{"length":808,"function_hash":"75850300764543775076996218073100501490"},"deprecated":false,"target":{"file":"tree.c","function":"xmlBufferAdd"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-e9c47194","digest":{"length":1042,"function_hash":"128747764254328465175297106964046518678"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufAdd"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-eeb2365d","digest":{"length":2135,"function_hash":"135818614898132221850781778317523237741"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufResize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@6c283d83eccd940bcde15634ac8c7f100e3caefd","signature_version":"v1"},{"signature_type":"Function","id":"CVE-2022-29824-fca2f583","digest":{"length":695,"function_hash":"242532867002527404152383095403649546609"},"deprecated":false,"target":{"file":"buf.c","function":"xmlBufCreateSize"},"source":"https://gitlab.gnome.org/GNOME/libxml2@2554a2408e09f13652049e5ffb0d26196b02ebab","signature_version":"v1"}],"vanir_signatures_modified":"2026-04-10T15:07:23Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}