CVE-2021-3537 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	It was found that libxml2 before version 2.9.11 did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1883	libxml2	2.9.10-9	2.9.11-1	High	Fixed	FS#70822

References
https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://gitlab.gnome.org/GNOME/libxml2/-/issues/243 https://gitlab.gnome.org/GNOME/libxml2/-/issues/244 https://gitlab.gnome.org/GNOME/libxml2/-/issues/245 https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61

References

https://bugzilla.redhat.com/show_bug.cgi?id=1956522
https://gitlab.gnome.org/GNOME/libxml2/-/issues/243
https://gitlab.gnome.org/GNOME/libxml2/-/issues/244
https://gitlab.gnome.org/GNOME/libxml2/-/issues/245
https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61