{"id":"CLSA-2022-1670523403","summary":"libxml2: Fix of 2 CVEs","details":"- CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE\n- CVE-2022-40304: fix dict corruption caused by entity reference cycles","modified":"2026-06-01T00:33:20.240036508Z","published":"2022-12-08T18:16:43Z","upstream":["CVE-2022-40303","CVE-2022-40304"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1670523403.html"}],"affected":[{"package":{"name":"libxml2","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/libxml2?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1670523403.json"}},{"package":{"name":"libxml2-devel","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/libxml2-devel?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1670523403.json"}},{"package":{"name":"libxml2-static","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/libxml2-static?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1670523403.json"}},{"package":{"name":"python3-libxml2","ecosystem":"TuxCare:CentOS:8.4","purl":"pkg:rpm/tuxcare/python3-libxml2?distro=centos-8.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-9.el8_4.2.tuxcare.els4"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1670523403.json"}}],"schema_version":"1.7.5"}