CVE-2021-3541 |
Low |
Yes |
Denial of service |
A security issue was found in libxml2 before version 2.9.11. Exponential entity expansion attack its possible bypassing all existing protection mechanisms... |
CVE-2021-3537 |
Low |
Yes |
Denial of service |
It was found that libxml2 before version 2.9.11 did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML... |
CVE-2021-3518 |
Medium |
Yes |
Arbitrary code execution |
A use-after-free security issue was found in libxml2 before version 2.9.11 in xmlXIncludeDoProcess() in xinclude.c when processing crafted files. |
CVE-2021-3517 |
High |
Yes |
Arbitrary code execution |
A heap-based buffer overflow was found in libxml2 before version 2.9.11, as packaged in OpenJFX before version 8u312 in the javafx/web component, when... |
CVE-2021-3516 |
Medium |
No |
Arbitrary code execution |
A use-after-free security issue was found libxml2 before version 2.9.11 when "xmllint --html --push" is used to process crafted files. |