AVG-1883 log

Package libxml2
Status Vulnerable
Severity Medium
Type multiple issues
Affected 2.9.10-9
Fixed Unknown
Current 2.9.10-9 [extra]
Ticket Create
Created Tue Apr 27 18:48:16 2021
Issue Severity Remote Type Description
CVE-2021-3537 Low Yes Denial of service
It was found that libxml2 did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in...
CVE-2021-3518 Medium Yes Arbitrary code execution
A use-after-free security issue was found in libxml2 in xmlXIncludeDoProcess() in xinclude.c when processing crafted files.
CVE-2021-3517 Medium Yes Arbitrary code execution
A heap-based buffer overflow was found in libxml2 when processing truncated UTF-8 input.
CVE-2021-3516 Medium No Arbitrary code execution
A use-after-free security issue was found libxml2 when "xmllint --html --push" is used to process crafted files.