A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

CPENameOperatorVersion
zfs_storage_appliance_kiteq8.8
libxml2lt2.9.11

CPE	Name	Operator	Version
	zfs_storage_appliance_kit	eq	8.8
	libxml2	lt	2.9.11

References

bugzilla.redhat.com/show_bug.cgi?id=1950515

security.netapp.com/advisory/ntap-20210805-0007/

www.oracle.com/security-alerts/cpujan2022.html

nessus 35

veracode 1

suse 2

debiancve 1

alpinelinux 1

openvas 28

debian 1

fedora 4

mageia 2

redos 14

slackware 1

freebsd 1

osv 15

ubuntucve 1

nvd 1

cve 1

redhatcve 1

cvelist 1

amazon 2

rocky 1

almalinux 1

oraclelinux 1

redhat 14

altlinux 1

gentoo 1

cloudlinux 2

github 1

cloudfoundry 1

ubuntu 1

ics 2

ibm 3

tenable 1

oracle 1

nessus

SUSE SLED12 / SLES12 Security Update : libxml2 (SUSE-SU-2021:2016-1)

2021-06-21 00:00:00

openSUSE 15 Security Update : libxml2 (openSUSE-SU-2021:1917-1)

2021-07-16 00:00:00

FreeBSD : libxml2 -- Possible denial of service (524bd03a-bb75-11eb-bf35-080027f515ea)

2021-05-24 00:00:00

veracode

Billion Laugh Attack

2021-05-22 19:17:01

suse

Security update for libxml2 (moderate)

2021-06-16 00:00:00

Security update for libxml2 (moderate)

2021-07-11 00:00:00

debiancve

CVE-2021-3541

2021-07-09 17:15:07

alpinelinux

CVE-2021-3541

2021-07-09 17:15:07

openvas

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2021:0886-1)

2021-06-17 00:00:00

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2021:1917-1)

2021-07-13 00:00:00

Debian: Security Advisory (DLA-2669-1)

2021-05-31 00:00:00

debian

[SECURITY] [DLA 2669-1] libxml2 security update

2021-05-30 08:06:16

fedora

[SECURITY] Fedora 34 Update: libxml2-2.9.12-2.fc34

2021-05-24 01:02:01

[SECURITY] Fedora 33 Update: libxml2-2.9.12-4.fc33

2021-06-14 01:22:50

[SECURITY] Fedora 35 Update: qt5-qtwebengine-5.15.8-2.fc35

2022-01-30 01:44:13

mageia

Updated libxml2 packages fix a security vulnerability

2021-06-08 17:33:02

Updated qtwebengine5 packages fix security vulnerability

2022-02-05 23:23:13

redos

ROS-2-710

2021-09-08 00:00:00

ROS-2-831

2021-09-08 00:00:00

ROS-2-620

2021-09-08 00:00:00

slackware

[slackware-security] libxml2

2021-05-15 18:12:35

freebsd

libxml2 -- Possible denial of service

2021-05-18 00:00:00

osv

Heap-use-after-free in xmlAddNextSibling

2021-05-20 00:00:30

libxml2 - security update

2021-05-30 00:00:00

Moderate: libxml2 security update

2021-06-29 13:42:19

ubuntucve

CVE-2021-3541

2021-05-18 00:00:00

nvd

CVE-2021-3541

2021-07-09 17:15:07

cve

CVE-2021-3541

2021-07-09 17:15:07

redhatcve

CVE-2021-3541

2021-05-13 17:39:55

cvelist

CVE-2021-3541

2021-07-09 16:02:21

amazon

Medium: libxml2

2021-06-16 20:37:00

Medium: libxml2

2023-04-27 16:19:00

rocky

libxml2 security update

2021-06-29 13:42:19

almalinux

Moderate: libxml2 security update

2021-06-29 13:42:19

oraclelinux

libxml2 security update

2021-07-03 00:00:00

redhat

(RHSA-2021:2569) Moderate: libxml2 security update

2021-06-29 13:42:19

(RHSA-2022:1390) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:37

(RHSA-2022:1389) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update

2022-04-20 19:26:07

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1

2021-06-15 00:00:00

gentoo

libxml2: Multiple vulnerabilities

2021-07-06 00:00:00

cloudlinux

Fix of CVE: CVE-2021-3516, CVE-2021-3537, CVE-2017-8872, CVE-2021-3518, CVE-2019-20388, CVE-2020-24977, CVE-2021-3541, CVE-2021-3517

2021-12-28 13:15:15

Fix of 8 CVEs

2022-01-11 12:18:56

github

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

2021-05-17 20:52:05

cloudfoundry

USN-4991-1: libxml2 vulnerabilities | Cloud Foundry

2021-07-08 00:00:00

ubuntu

libxml2 vulnerabilities

2021-06-17 00:00:00

ics

Hitachi Energy APM Edge (Update A)

2022-10-18 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

ibm

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Verify Access

2022-01-07 00:24:27

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

2021-12-03 18:52:37

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs

2021-10-19 15:38:04

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.9%

JSON

Related for PRION:CVE-2021-3541