Lucene search

K
cvelistRedhatCVELIST:CVE-2021-3537
HistoryMay 14, 2021 - 7:50 p.m.

CVE-2021-3537

2021-05-1419:50:10
CWE-476
redhat
www.cve.org
1

7.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.8%

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

CNA Affected

[
  {
    "product": "libxml2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "libxml2 2.9.11"
      }
    ]
  }
]