---

CVE-2021-3517 - log back

CVE-2021-3517 edited at 20 Oct 2021 17:39:38
Severity	- Medium + High
Description	- A heap-based buffer overflow was found in libxml2 before version 2.9.11 when processing truncated UTF-8 input. + A heap-based buffer overflow was found in libxml2 before version 2.9.11, as packaged in OpenJFX before version 8u312 in the javafx/web component, when processing truncated UTF-8 input.
References	https://bugzilla.redhat.com/show_bug.cgi?id=1954232 https://gitlab.gnome.org/GNOME/libxml2/-/issues/235 https://gitlab.gnome.org/GNOME/libxml2/-/issues/236 https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2 + https://openjdk.java.net/groups/vulnerability/advisories/2021-10-19

CVE-2021-3517 edited at 13 May 2021 15:58:47
Description	- A heap-based buffer overflow was found in libxml2 when processing truncated UTF-8 input. + A heap-based buffer overflow was found in libxml2 before version 2.9.11 when processing truncated UTF-8 input.

CVE-2021-3517 edited at 27 Apr 2021 18:58:08
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A heap-based buffer overflow was found in libxml2 when processing truncated UTF-8 input.
References	+ https://bugzilla.redhat.com/show_bug.cgi?id=1954232 + https://gitlab.gnome.org/GNOME/libxml2/-/issues/235 + https://gitlab.gnome.org/GNOME/libxml2/-/issues/236 + https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2

CVE-2021-3517 created at 27 Apr 2021 18:55:46
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes