CVE-2021-3537 log

Source
Severity Low
Remote Yes
Type Denial of service
Description
It was found that libxml2 before version 2.9.11 did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application.
Group Package Affected Fixed Severity Status Ticket
AVG-1883 libxml2 2.9.10-9 2.9.11-1 Medium Fixed FS#70822
References
https://bugzilla.redhat.com/show_bug.cgi?id=1956522
https://gitlab.gnome.org/GNOME/libxml2/-/issues/243
https://gitlab.gnome.org/GNOME/libxml2/-/issues/244
https://gitlab.gnome.org/GNOME/libxml2/-/issues/245
https://gitlab.gnome.org/GNOME/libxml2/-/commit/babe75030c7f64a37826bb3342317134568bef61