Summaryinfo

A vulnerability, which was classified as problematic, was found in libxml2. This affects an unknown part of the component Entity Expansion Handler. The manipulation results in denial of service. This vulnerability is cataloged as CVE-2021-3541. There is no exploit available. It is best practice to apply a patch to resolve this issue. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Detailsinfo

A vulnerability was found in libxml2 (Document Processing Software) (affected version not known). It has been classified as problematic. Affected is some unknown functionality of the component Entity Expansion Handler. The manipulation with an unknown input leads to a denial of service vulnerability. CWE is classifying the issue as CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. This is going to have an impact on availability.

The weakness was shared 05/17/2021. The advisory is available at bugzilla.redhat.com. This vulnerability is traded as CVE-2021-3541. The technical details are unknown and an exploit is not available.

The vulnerability scanner Nessus provides a plugin with the ID 236735 (Alibaba Cloud Linux 3 : 0047: libxml2 (ALINUX3-SA-2021:0047)), which helps to determine the existence of the flaw in a target environment.

Applying a patch is able to eliminate this problem. The bugfix is ready for download at gitlab.gnome.org.

The vulnerability is also documented in the vulnerability database at Tenable (236735). VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Document Processing Software

Name

• libxml2

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion