libxml2 is vulnerable to arbitrary code execution. A use-after-free occurs in xmllint when --html and --push options are used, allowing an attacker to execute arbitrary code on the host OS by submitting malicious files.

References

bugzilla.redhat.com/show_bug.cgi?id=1954225

gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539

gitlab.gnome.org/GNOME/libxml2/-/issues/230

lists.debian.org/debian-lts-announce/2021/05/msg00008.html

lists.fedoraproject.org/archives/list/[email protected]/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/

lists.fedoraproject.org/archives/list/[email protected]/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/

security-tracker.debian.org/tracker/CVE-2021-3516

security.gentoo.org/glsa/202107-05

security.netapp.com/advisory/ntap-20210716-0005/

www.oracle.com/security-alerts/cpujan2022.html

nessus 34

openvas 23

cvelist 1

cve 1

nvd 1

ubuntucve 1

debiancve 1

redhatcve 1

prion 1

suse 2

amazon 2

debian 1

mageia 1

fedora 2

osv 6

rocky 1

altlinux 1

redhat 14

almalinux 1

oraclelinux 1

gentoo 1

github 1

cloudlinux 2

ubuntu 1

cloudfoundry 1

ibm 6

ics 2

oracle 1

nessus

EulerOS Virtualization 3.0.2.0 : libxml2 (EulerOS-SA-2021-2833)

2021-12-29 00:00:00

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2021-2508)

2021-09-27 00:00:00

openSUSE Security Update : libxml2 (openSUSE-2021-692)

2021-05-18 00:00:00

openvas

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2508)

2021-09-28 00:00:00

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-2833)

2021-12-30 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:1524-1)

2021-06-09 00:00:00

cvelist

CVE-2021-3516

2021-06-01 13:38:13

cve

CVE-2021-3516

2021-06-01 14:15:10

nvd

CVE-2021-3516

2021-06-01 14:15:10

ubuntucve

CVE-2021-3516

2021-06-01 00:00:00

debiancve

CVE-2021-3516

2021-06-01 14:15:10

redhatcve

CVE-2021-3516

2021-04-27 19:31:42

prion

Design/Logic Flaw

2021-06-01 14:15:00

suse

Security update for libxml2 (moderate)

2021-05-09 00:00:00

Security update for libxml2 (important)

2021-05-22 00:00:00

amazon

Medium: libxml2

2021-07-01 01:03:00

Medium: libxml2

2023-04-27 16:19:00

debian

[SECURITY] [DLA 2653-1] libxml2 security update

2021-05-10 12:31:54

mageia

Updated libxml2 packages fix security vulnerabilities

2021-05-19 22:29:59

fedora

[SECURITY] Fedora 34 Update: libxml2-2.9.10-12.fc34

2021-05-10 01:07:26

[SECURITY] Fedora 33 Update: libxml2-2.9.12-4.fc33

2021-06-14 01:22:50

osv

libxml2 - security update

2021-05-10 00:00:00

Moderate: libxml2 security update

2021-06-29 13:42:19

Moderate: libxml2 security update

2021-06-29 13:42:19

rocky

libxml2 security update

2021-06-29 13:42:19

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1

2021-06-15 00:00:00

redhat

(RHSA-2021:2569) Moderate: libxml2 security update

2021-06-29 13:42:19

(RHSA-2022:1390) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:37

(RHSA-2022:1389) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:07

almalinux

Moderate: libxml2 security update

2021-06-29 13:42:19

oraclelinux

libxml2 security update

2021-07-03 00:00:00

gentoo

libxml2: Multiple vulnerabilities

2021-07-06 00:00:00

github

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

2021-05-17 20:52:05

cloudlinux

Fix of 8 CVEs

2022-01-11 12:18:56

Fix of CVE: CVE-2021-3516, CVE-2021-3537, CVE-2017-8872, CVE-2021-3518, CVE-2019-20388, CVE-2020-24977, CVE-2021-3541, CVE-2021-3517

2021-12-28 13:15:15

ubuntu

libxml2 vulnerabilities

2021-06-17 00:00:00

cloudfoundry

USN-4991-1: libxml2 vulnerabilities | Cloud Foundry

2021-07-08 00:00:00

ibm

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

2023-05-05 16:01:31

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access

2022-01-07 00:24:27

Security Bulletin: Multiple security vulnerabilities fixed in Cloud Pak for Automation components

2022-01-19 16:26:59

ics

Hitachi Energy APM Edge (Update A)

2022-10-18 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

oracle

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.002

Percentile

51.5%

JSON

Related for VERACODE:30392