Vulnerabilities > CVE-2021-3518 - Use After Free vulnerability in multiple products

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Vulnerable Configurations

Part	Description	Count
Application	Xmlsoft Xmlsoft Libxml2 - Xmlsoft Libxml2 1.7.0 Xmlsoft Libxml2 1.7.1 Xmlsoft Libxml2 1.7.2 Xmlsoft Libxml2 1.7.3 Xmlsoft Libxml2 1.7.4 Xmlsoft Libxml2 1.8.0 Xmlsoft Libxml2 1.8.1 Xmlsoft Libxml2 1.8.2 Xmlsoft Libxml2 1.8.3 Xmlsoft Libxml2 1.8.4 Xmlsoft Libxml2 1.8.5 Xmlsoft Libxml2 1.8.6 Xmlsoft Libxml2 1.8.7 Xmlsoft Libxml2 1.8.9 Xmlsoft Libxml2 1.8.10 Xmlsoft Libxml2 1.8.13 Xmlsoft Libxml2 1.8.14 Xmlsoft Libxml2 1.8.16 Xmlsoft Libxml2 2.0.0 Xmlsoft Libxml2 2.1.0 Xmlsoft Libxml2 2.1.1 Xmlsoft Libxml2 2.2.0 Xmlsoft Libxml2 2.2.1 Xmlsoft Libxml2 2.2.2 Xmlsoft Libxml2 2.2.3 Xmlsoft Libxml2 2.2.4 Xmlsoft Libxml2 2.2.5 Xmlsoft Libxml2 2.2.6 Xmlsoft Libxml2 2.2.7 Xmlsoft Libxml2 2.2.8 Xmlsoft Libxml2 2.2.9 Xmlsoft Libxml2 2.2.10 Xmlsoft Libxml2 2.2.11 Xmlsoft Libxml2 2.3.0 Xmlsoft Libxml2 2.3.1 Xmlsoft Libxml2 2.3.2 Xmlsoft Libxml2 2.3.3 Xmlsoft Libxml2 2.3.4 Xmlsoft Libxml2 2.3.5 Xmlsoft Libxml2 2.3.6 Xmlsoft Libxml2 2.3.7 Xmlsoft Libxml2 2.3.8 Xmlsoft Libxml2 2.3.9 Xmlsoft Libxml2 2.3.10 Xmlsoft Libxml2 2.3.11 Xmlsoft Libxml2 2.3.12 Xmlsoft Libxml2 2.3.13 Xmlsoft Libxml2 2.3.14 Xmlsoft Libxml2 2.4.1 Xmlsoft Libxml2 2.4.2 Xmlsoft Libxml2 2.4.3 Xmlsoft Libxml2 2.4.4 Xmlsoft Libxml2 2.4.5 Xmlsoft Libxml2 2.4.6 Xmlsoft Libxml2 2.4.7 Xmlsoft Libxml2 2.4.8 Xmlsoft Libxml2 2.4.9 Xmlsoft Libxml2 2.4.10 Xmlsoft Libxml2 2.4.11 Xmlsoft Libxml2 2.4.12 Xmlsoft Libxml2 2.4.13 Xmlsoft Libxml2 2.4.14 Xmlsoft Libxml2 2.4.15 Xmlsoft Libxml2 2.4.16 Xmlsoft Libxml2 2.4.17 Xmlsoft Libxml2 2.4.18 Xmlsoft Libxml2 2.4.19 Xmlsoft Libxml2 2.4.20 Xmlsoft Libxml2 2.4.21 Xmlsoft Libxml2 2.4.22 Xmlsoft Libxml2 2.4.23 Xmlsoft Libxml2 2.4.24 Xmlsoft Libxml2 2.4.25 Xmlsoft Libxml2 2.4.26 Xmlsoft Libxml2 2.4.27 Xmlsoft Libxml2 2.4.28 Xmlsoft Libxml2 2.4.29 Xmlsoft Libxml2 2.4.30 Xmlsoft Libxml2 2.5.0 Xmlsoft Libxml2 2.5.1 Xmlsoft Libxml2 2.5.2 Xmlsoft Libxml2 2.5.3 Xmlsoft Libxml2 2.5.4 Xmlsoft Libxml2 2.5.5 Xmlsoft Libxml2 2.5.6 Xmlsoft Libxml2 2.5.7 Xmlsoft Libxml2 2.5.8 Xmlsoft Libxml2 2.5.9 Xmlsoft Libxml2 2.5.10 Xmlsoft Libxml2 2.5.11 Xmlsoft Libxml2 2.6.0 Xmlsoft Libxml2 2.6.1 Xmlsoft Libxml2 2.6.2 Xmlsoft Libxml2 2.6.3 Xmlsoft Libxml2 2.6.4 Xmlsoft Libxml2 2.6.5 Xmlsoft Libxml2 2.6.6 Xmlsoft Libxml2 2.6.7 Xmlsoft Libxml2 2.6.8 Xmlsoft Libxml2 2.6.9 Xmlsoft Libxml2 2.6.10 Xmlsoft Libxml2 2.6.11 Xmlsoft Libxml2 2.6.12 Xmlsoft Libxml2 2.6.13 Xmlsoft Libxml2 2.6.14 Xmlsoft Libxml2 2.6.15 Xmlsoft Libxml2 2.6.16 Xmlsoft Libxml2 2.6.17 Xmlsoft Libxml2 2.6.18 Xmlsoft Libxml2 2.6.19 Xmlsoft Libxml2 2.6.20 Xmlsoft Libxml2 2.6.21 Xmlsoft Libxml2 2.6.22 Xmlsoft Libxml2 2.6.23 Xmlsoft Libxml2 2.6.24 Xmlsoft Libxml2 2.6.25 Xmlsoft Libxml2 2.6.26 Xmlsoft Libxml2 2.6.27 Xmlsoft Libxml2 2.6.28 Xmlsoft Libxml2 2.6.29 Xmlsoft Libxml2 2.6.30 Xmlsoft Libxml2 2.6.31 Xmlsoft Libxml2 2.6.32 Xmlsoft Libxml2 2.7.0 Xmlsoft Libxml2 2.7.1 Xmlsoft Libxml2 2.7.2 Xmlsoft Libxml2 2.7.3 Xmlsoft Libxml2 2.7.4 Xmlsoft Libxml2 2.7.5 Xmlsoft Libxml2 2.7.6 Xmlsoft Libxml2 2.7.7 Xmlsoft Libxml2 2.7.8 Xmlsoft Libxml2 2.8.0 Xmlsoft Libxml2 2.9.0 Xmlsoft Libxml2 2.9.1 Xmlsoft Libxml2 2.9.2 Xmlsoft Libxml2 2.9.3 Xmlsoft Libxml2 2.9.4 Xmlsoft Libxml2 2.9.5 Xmlsoft Libxml2 2.9.6 Xmlsoft Libxml2 2.9.7 Xmlsoft Libxml2 2.9.8 Xmlsoft Libxml2 2.9.9 Xmlsoft Libxml2 2.9.10	172
Application	Redhat Redhat Jboss Core Services -	1
Application	Netapp Netapp Ontap Select Deploy Administration Utility - Netapp Clustered Data Ontap - Netapp Clustered Data Ontap Antivirus Connector - Netapp Snapdrive - Netapp Active IQ Unified Manager - Netapp Manageability Software Development KIT -	6
Application	Oracle Oracle Peoplesoft Enterprise Peopletools 8.58 Oracle Enterprise Manager Base Platform 13.4.0.0 Oracle Enterprise Manager Base Platform 13.5.0.0 Oracle Enterprise Manager OPS Center 12.4.0.0 Oracle Mysql Workbench - Oracle Mysql Workbench 5.2.47 Oracle Mysql Workbench 6.0.9 Oracle Mysql Workbench 6.1.7 Oracle Mysql Workbench 6.2.5 Oracle Mysql Workbench 6.3.8 Oracle Mysql Workbench 6.3.10 Oracle Mysql Workbench 8.0.12 Oracle Mysql Workbench 8.0.13 Oracle Mysql Workbench 8.0.14 Oracle Mysql Workbench 8.0.15 Oracle Mysql Workbench 8.0.16 Oracle Mysql Workbench 8.0.17 Oracle Mysql Workbench 8.0.18 Oracle Mysql Workbench 8.0.19 Oracle Mysql Workbench 8.0.20 Oracle Mysql Workbench 8.0.21 Oracle Mysql Workbench 8.0.22 Oracle Mysql Workbench 8.0.23 Oracle Mysql Workbench 8.0.24 Oracle Mysql Workbench 8.0.25 Oracle Mysql Workbench 8.0.26 Oracle Real User Experience Insight 13.4.1.0 Oracle Real User Experience Insight 13.5.1.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0	29
OS	Debian Debian Debian Linux 9.0	1
OS	Redhat Redhat Enterprise Linux 8.0	1
OS	Fedoraproject Fedoraproject Fedora 33 Fedoraproject Fedora 34	2
OS	Netapp Netapp HCI H410C Firmware -	1
Hardware	Netapp Netapp HCI H410C -	1

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References