CVE-2021-3517

Description from NVD

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.

Information Acquisition Date: 2021-10-20T14:54Z
CVSS 2.0: 7.5 HIGH    CVSS 3.x: 8.6 HIGH

CVSS3 Vec: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CVSS2 Vec: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://bugzilla.redhat.com/show_bug.cgi?id=1954232
     source:MISC
     tags:Issue Tracking    Patch    Third Party Advisory    
 FEDORA-2021-e3ed1ba38b
     source:FEDORA
     tags:Mailing List    Third Party Advisory    
 [debian-lts-announce] 20210510 [SECURITY] [DLA 2653-1] libxml2 security update
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 FEDORA-2021-b950000d2b
     source:FEDORA
     tags:Mailing List    Third Party Advisory    
 https://security.netapp.com/advisory/ntap-20210625-0002/
     source:CONFIRM
     tags:Third Party Advisory    
 [bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
     source:MLIST
     tags:Third Party Advisory    
 [bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8
     source:MLIST
     tags:Third Party Advisory    
 GLSA-202107-05
     source:GENTOO
     tags:Third Party Advisory    
 https://www.oracle.com/security-alerts/cpuoct2021.html
     source:MISC
     tags:


Software Tag: Apple(1 tweets) Java(18 tweets) Oracle(17 tweets)



List of frequently cited URLs

URL    Num of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...    287
https://www.ipa.go.jp/security/ciadr/vul/20211020-jre.html    6
https://ift.tt/3lS0SYF    5
https://twitter.com/ICATalerts/status/1450662440337694723    3



List of frequently cited URLs

URL    Num of Times Referred to
alerts.vulmon.com    287
www.ipa.go.jp    6
ift.tt    5
twitter.com    3



GitHub Search Results: Up to 10
Name    URL
No Data


2021/10/21 Score : 1
Added Har-sia Database : 2021/04/28
Last Modified : 2021/10/21
Highest Scored Date : 2021/10/20
Highest Score : 20