CVE-2021-3517 log

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
A heap-based buffer overflow was found in libxml2 before version 2.9.11, as packaged in OpenJFX before version 8u312 in the javafx/web component, when processing truncated UTF-8 input.
Group Package Affected Fixed Severity Status Ticket
AVG-2481 java8-openjfx, java8-openjfx-src 8.u202-3 High Vulnerable
AVG-1883 libxml2 2.9.10-9 2.9.11-1 High Fixed FS#70822
References
https://bugzilla.redhat.com/show_bug.cgi?id=1954232
https://gitlab.gnome.org/GNOME/libxml2/-/issues/235
https://gitlab.gnome.org/GNOME/libxml2/-/issues/236
https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2
https://openjdk.java.net/groups/vulnerability/advisories/2021-10-19