Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-3541

Опубликовано: 09 июл. 2021
Источник: debian
EPSS Низкий

Описание

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libxml2fixed2.9.10+dfsg-6.7package
libxml2fixed2.9.4+dfsg1-7+deb10u2busterpackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1950515

  • https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e

  • https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private)

  • https://blog.hartwork.org/posts/cve-2021-3541-parameter-laughs-fixed-in-libxml2-2-9-11/

EPSS

Процентиль: 23%
0.00076
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-3541

CVSS3: 6.5
ubuntu
около 4 лет назад

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

redhat логотип

CVE-2021-3541

CVSS3: 6.5
redhat
больше 4 лет назад

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

nvd логотип

CVE-2021-3541

CVSS3: 6.5
nvd
около 4 лет назад

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

suse-cvrf логотип

openSUSE-SU-2021:1917-1

suse-cvrf
около 4 лет назад

Security update for libxml2

suse-cvrf логотип

openSUSE-SU-2021:0886-1

suse-cvrf
около 4 лет назад

Security update for libxml2

EPSS

Процентиль: 23%
0.00076
Низкий