Lucene search

K
cvelistRedhatCVELIST:CVE-2021-3518
HistoryMay 18, 2021 - 11:20 a.m.

CVE-2021-3518

2021-05-1811:20:24
CWE-416
redhat
www.cve.org

8.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

There’s a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

CNA Affected

[
  {
    "product": "libxml2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "libxml2 2.9.11"
      }
    ]
  }
]

References