Msrc Cbl2 Libxml2 2.10.3-1 On Cbl Mariner 2.0 vulnerabilities

CVE-2022-40303 [HIGH] CWE-190 An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled several integer counters can overflow. This results in an att An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset typically leading to

CVE-2022-40304 [HIGH] CWE-415 An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be p An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be provoked. FAQ: Is Azure Linux the only Microsoft product that include