CVE-2021-3516

Summary:

There’s a flaw in libxml2’s xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

Reference Links(if available):

https://bugzilla.redhat.com/show_bug.cgi?id=1954225

https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539

https://gitlab.gnome.org/GNOME/libxml2/-/issues/230

https://lists.fedoraproject.org/archives/list/[email protected]/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/

https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Tags: CVE, CVE-2021-3516, Issue Tracking, MISC, vulnerability

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Joint Guidance on Deploying AI Systems Securely

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Joint Guidance on Deploying AI Systems Securely

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400