QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-3517

Back to search

CVE-2021-3517

Published: May 19, 2021

Modified: Dec 2, 2025

PUBLISHED

Description

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.

VendorProductVersions

n/a

libxml2

affected
libxml2 2.9.11

Weaknesses (CWE)

CWE-787

References

FEDORA-2021-e3ed1ba38b
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-b950000d2b
vendor-advisory
x_refsource_FEDORA
GLSA-202107-05
vendor-advisory
x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now