RHSA-2021:2569
Vulnerability from csaf_redhat - Published: 2021-06-29 16:38 - Updated: 2025-12-02 22:28Summary
Red Hat Security Advisory: libxml2 security update
Severity
Moderate
Notes
Topic: An update for libxml2 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c (CVE-2021-3516)
* libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c (CVE-2021-3517)
* libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c (CVE-2021-3518)
* libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode (CVE-2021-3537)
* libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms (CVE-2021-3541)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
There's a flaw in libxml2's xmllint. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2569
Workaround
This flaw can be mitigated by not using xmllint with the --html and --push options together.
There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.
8.6 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2569
There's a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.
8.6 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2569
A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system availability.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2569
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2569
References
Acknowledgments
SQLab NCTU Taiwan
zodf0055980
NSLab NTU Taiwan
yuawn
Sebastian Pipping
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c (CVE-2021-3516)\n\n* libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c (CVE-2021-3517)\n\n* libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c (CVE-2021-3518)\n\n* libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode (CVE-2021-3537)\n\n* libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms (CVE-2021-3541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:2569",
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1950515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515"
},
{
"category": "external",
"summary": "1954225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225"
},
{
"category": "external",
"summary": "1954232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232"
},
{
"category": "external",
"summary": "1954242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242"
},
{
"category": "external",
"summary": "1956522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2569.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-12-02T22:28:11+00:00",
"generator": {
"date": "2025-12-02T22:28:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2021:2569",
"initial_release_date": "2021-06-29T16:38:07+00:00",
"revision_history": [
{
"date": "2021-06-29T16:38:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-06-29T16:38:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-02T22:28:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product_id": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product_id": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.i686",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.i686",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product_id": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.s390x",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"product_id": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.2.src",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.2.src",
"product_id": "libxml2-0:2.9.7-9.el8_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"zodf0055980"
],
"organization": "SQLab NCTU Taiwan"
}
],
"cve": "CVE-2021-3516",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1954225"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in libxml2\u0027s xmllint. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The only known exploitation path of this flaw is via the xmllint tool.\n\nThis flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3516"
},
{
"category": "external",
"summary": "RHBZ#1954225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3516"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516"
}
],
"release_date": "2021-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-29T16:38:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not using xmllint with the --html and --push options together.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c"
},
{
"acknowledgments": [
{
"names": [
"zodf0055980"
],
"organization": "SQLab NCTU Taiwan"
}
],
"cve": "CVE-2021-3517",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2021-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1954232"
}
],
"notes": [
{
"category": "description",
"text": "There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3517"
},
{
"category": "external",
"summary": "RHBZ#1954232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517"
}
],
"release_date": "2021-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-29T16:38:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c"
},
{
"acknowledgments": [
{
"names": [
"zodf0055980"
],
"organization": "SQLab NCTU Taiwan"
}
],
"cve": "CVE-2021-3518",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-04-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1954242"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in libxml2. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is out of support scope for Red Hat Enterprise Linux 6 and 7. To learn more about Red Hat Enterprise Linux support life cycles, please see https://access.redhat.com/support/policy/updates/errata .",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3518"
},
{
"category": "external",
"summary": "RHBZ#1954242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3518",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518"
}
],
"release_date": "2021-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-29T16:38:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c"
},
{
"acknowledgments": [
{
"names": [
"yuawn"
],
"organization": "NSLab NTU Taiwan"
}
],
"cve": "CVE-2021-3537",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1956522"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in libxml2, where it did not propagate errors while parsing XML mixed content. This flaw causes the application to crash if an untrusted XML document is parsed in recovery mode and post validated. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For the flaw to be exploitable, the document must be parsed in recovery mode and post validated (e.g.: when used in the `xmlling` tool, both `-recover` and `-postvalid` options must be used for the flaw to be exploitable)",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3537"
},
{
"category": "external",
"summary": "RHBZ#1956522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537"
}
],
"release_date": "2021-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-29T16:38:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode"
},
{
"acknowledgments": [
{
"names": [
"Sebastian Pipping"
]
}
],
"cve": "CVE-2021-3541",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1950515"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3541"
},
{
"category": "external",
"summary": "RHBZ#1950515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3541",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541"
}
],
"release_date": "2021-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-29T16:38:07+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.",
"product_ids": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2569"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"AppStream-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.src",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-9.el8_4.2.x86_64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.aarch64",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.i686",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.ppc64le",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.s390x",
"BaseOS-8.4.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…