CVE-2021-3516
01.06.2021, 14:15
There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| xmlsoft | xmllint | 𝑥 < 2.9.11 |
| debian | debian_linux | 9.0 |
| redhat | jboss_core_services | - |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| netapp | clustered_data_ontap | - |
| netapp | clustered_data_ontap_antivirus_connector | - |
| netapp | ontap_select_deploy_administration_utility | - |
| oracle | zfs_storage_appliance_kit | 8.8 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2-2 |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| libxml2-2-32bit |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| libxml2-devel |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| libxml2-doc |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| libxml2-tools |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| python-libxml2 |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| python3-libxml2 |
| ||||||||||||||||||||||||||||||||||||||||||||||||||
| python3-libxml2-python |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| libxml2 |
| ||||||||||
| libxml2-devel |
| ||||||||||
| python3-libxml2 |
|
Common Weakness Enumeration
References