A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system availability.

References

bugzilla.redhat.com/show_bug.cgi?id=1956522

nvd.nist.gov/vuln/detail/CVE-2021-3537

www.cve.org/CVERecord?id=CVE-2021-3537

prion 1

attackerkb 1

cvelist 1

ubuntucve 1

alpinelinux 1

nvd 1

veracode 1

cbl_mariner 1

debiancve 1

osv 7

cve 1

github 2

nessus 37

openvas 23

ibm 6

amazon 2

fedora 2

debian 1

suse 1

mageia 1

photon 6

almalinux 1

redhat 14

altlinux 1

oraclelinux 1

rocky 1

gentoo 1

cloudlinux 2

ubuntu 1

cloudfoundry 1

rosalinux 1

ics 2

tenable 1

oracle 4

prion

Design/Logic Flaw

2021-05-14 20:15:00

attackerkb

CVE-2021-3537

2021-05-14 00:00:00

cvelist

CVE-2021-3537

2021-05-14 19:50:10

ubuntucve

CVE-2021-3537

2021-05-14 00:00:00

alpinelinux

CVE-2021-3537

2021-05-14 20:15:16

nvd

CVE-2021-3537

2021-05-14 20:15:16

veracode

Denial Of Service (DoS)

2021-05-08 14:26:04

cbl_mariner

CVE-2021-3537 affecting package libxml2 2.9.10-4

2021-06-09 03:50:32

debiancve

CVE-2021-3537

2021-05-14 20:15:16

osv

Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing

2022-05-24 19:02:26

libxml2 - security update

2021-05-10 00:00:00

Moderate: libxml2 security update

2021-06-29 13:42:19

cve

CVE-2021-3537

2021-05-14 20:15:16

github

Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing

2022-05-24 19:02:26

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

2021-05-17 20:52:05

nessus

EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2021-2193)

2021-07-13 00:00:00

EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2021-2185)

2021-07-13 00:00:00

Photon OS 2.0: Libxml2 PHSA-2021-2.0-0351

2021-06-10 00:00:00

openvas

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2193)

2021-07-13 00:00:00

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2185)

2021-07-13 00:00:00

Fedora: Security Advisory for libxml2 (FEDORA-2021-e3ed1ba38b)

2021-05-13 00:00:00

ibm

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Libxml2

2023-12-07 23:00:02

Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in Libxml2

2023-12-07 23:00:02

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access

2022-01-07 00:24:27

amazon

Medium: libxml2

2021-07-01 01:03:00

Medium: libxml2

2023-04-27 16:19:00

fedora

[SECURITY] Fedora 34 Update: libxml2-2.9.10-12.fc34

2021-05-10 01:07:26

[SECURITY] Fedora 33 Update: libxml2-2.9.12-4.fc33

2021-06-14 01:22:50

debian

[SECURITY] [DLA 2653-1] libxml2 security update

2021-05-10 12:31:54

suse

Security update for libxml2 (important)

2021-05-22 00:00:00

mageia

Updated libxml2 packages fix security vulnerabilities

2021-05-19 22:29:59

photon

Important Photon OS Security Update - PHSA-2021-0399

2021-05-31 00:00:00

Important Photon OS Security Update - PHSA-2021-0246

2021-06-02 00:00:00

Critical Photon OS Security Update - PHSA-2021-0035

2021-06-02 00:00:00

almalinux

Moderate: libxml2 security update

2021-06-29 13:42:19

redhat

(RHSA-2021:2569) Moderate: libxml2 security update

2021-06-29 13:42:19

(RHSA-2022:1390) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:37

(RHSA-2022:1389) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:07

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1

2021-06-15 00:00:00

oraclelinux

libxml2 security update

2021-07-03 00:00:00

rocky

libxml2 security update

2021-06-29 13:42:19

gentoo

libxml2: Multiple vulnerabilities

2021-07-06 00:00:00

cloudlinux

Fix of CVE: CVE-2021-3516, CVE-2021-3537, CVE-2017-8872, CVE-2021-3518, CVE-2019-20388, CVE-2020-24977, CVE-2021-3541, CVE-2021-3517

2021-12-28 13:15:15

Fix of 8 CVEs

2022-01-11 12:18:56

ubuntu

libxml2 vulnerabilities

2021-06-17 00:00:00

cloudfoundry

USN-4991-1: libxml2 vulnerabilities | Cloud Foundry

2021-07-08 00:00:00

rosalinux

Advisory ROSA-SA-2021-1905

2021-07-02 17:25:35

ics

Hitachi Energy APM Edge (Update A)

2022-10-18 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.014

Percentile

86.5%

JSON

Related for RH:CVE-2021-3537