CVE
CVE-2021-3517
| CVE ID |
CVE-2021-3517
|
|---|---|
| CVSS Score |
8.6
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
libxml2-2.9.1-6_ol011.el7.6
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
xmlBufAttrSerializeTxtContent() in xmlsave.c in allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a non-UTF-8 attribute value, related to serialization. entities.c:xmlEncodeEntitiesInternal() triggers a heap-buffer-overflow read with a crafted XML payload.