Lucene search

CVE-2021-21366

🗓️ 12 Mar 2021 17:12:15Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 84 Views

xmldom 0.4.0 and older mishandle system identifiers and may cause unexpected syntactic changes during XML processing

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 23
OSV	CVE-2021-21366	12 Mar 202117:15	–	osv
OSV	GHSA-H6Q6-9HQW-RWFV Misinterpretation of malicious XML input	12 Mar 202122:39	–	osv
OSV	DLA-3260-1 node-xmldom - security update	1 Jan 202300:00	–	osv
OSV	node-xmldom vulnerabilities	24 May 202309:57	–	osv
Github Security Blog	Misinterpretation of malicious XML input	12 Mar 202122:39	–	github
Cvelist	CVE-2021-21366 Misinterpretation of malicious XML input	12 Mar 202100:00	–	cvelist
NVD	CVE-2021-21366	12 Mar 202117:15	–	nvd
Node.js	Misinterpretation of malicious XML input	12 Mar 202122:42	–	nodejs
UbuntuCve	CVE-2021-21366	12 Mar 202100:00	–	ubuntucve
Veracode	XML Injection	10 Mar 202107:22	–	veracode

Nvd

Vulners

Node

xmldom_project xmldomRange<0.5.0node.js

Node

debian debian_linuxMatch10.0

[
  {
    "vendor": "xmldom",
    "product": "xmldom",
    "versions": [
      {
        "version": "< 0.5.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/xmldom/xmldom/commit/d4201b9dfbf760049f457f9f08a3888d48835135
npmjs	www.npmjs.com/package/xmldom
github	www.github.com/xmldom/xmldom/releases/tag/0.5.0
github	www.github.com/xmldom/xmldom/security/advisories/GHSA-h6q6-9hqw-rwfv
lists	www.lists.debian.org/debian-lts-announce/2023/01/msg00000.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Mar 2021 17:15Current

4.6Medium risk

Vulners AI Score4.6

CVSS24.3

CVSS34.3

EPSS0.00908