An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
2022-11-23T00:15:11.007
2025-04-29T05:15:43.693
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | xmlsoft | libxml2 | < 2.10.3 | Yes |
| Application | netapp | active_iq_unified_manager | - | Yes |
| Application | netapp | clustered_data_ontap | - | Yes |
| Application | netapp | clustered_data_ontap_antivirus_connector | - | Yes |
| Application | netapp | netapp_manageability_sdk | - | Yes |
| Application | netapp | ontap_select_deploy_administration_utility | - | Yes |
| Application | netapp | snapmanager | - | Yes |
| Operating System | apple | ipados | < 15.7.2 | Yes |
| Operating System | apple | iphone_os | < 15.7.2 | Yes |
| Operating System | apple | macos | < 11.7.2 | Yes |
| Operating System | apple | macos | < 12.6.2 | Yes |
| Operating System | apple | tvos | < 16.2 | Yes |
| Operating System | apple | watchos | < 9.2 | Yes |
| Operating System | netapp | h300s_firmware | - | Yes |
| Hardware | netapp | h300s | - | No |
| Operating System | netapp | h500s_firmware | - | Yes |
| Hardware | netapp | h500s | - | No |
| Operating System | netapp | h700s_firmware | - | Yes |
| Hardware | netapp | h700s | - | No |
| Operating System | netapp | h410s_firmware | - | Yes |
| Hardware | netapp | h410s | - | No |
| Operating System | netapp | h410c_firmware | - | Yes |
| Hardware | netapp | h410c | - | No |