Latest Vulnerabilities and Exploits



CVE ID:

CVE-2021-3537

Details:

libxml2 versions before 2.9.11 did not propagate errors while parsing XML mixed content, which could lead to a NULL pointer dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

References:

FEDORA:FEDORA-2021-e3ed1ba38b
https://lists.fedoraproject.org/archives/list/[email protected]/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
https://bugzilla.redhat.com/show_bug.cgi?id=1956522
MLIST:[debian-lts-announce] 20210510 [SECURITY] [DLA 2653-1] libxml2 security update
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html

ZeroDayLab Assigned Tags:

CRASH