Vulnerabilities > CVE-2021-3518 - Use After Free vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Vulnerable Configurations

Part Description Count
Application
Xmlsoft
172
Application
Redhat
1
Application
Netapp
6
Application
Oracle
29
OS
Debian
1
OS
Redhat
1
OS
Fedoraproject
2
OS
Netapp
1
Hardware
Netapp
1

Common Weakness Enumeration (CWE)

References