RHSA-2021:2569-01 -- Redhat libxml2, python3-libxml2ID: oval:org.secpod.oval:def:73714 | Date: (C)2021-07-12 (M)2024-02-19 |
Class: PATCH | Family: unix |
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use-after-free in xmlEncodeEntitiesInternal in entities.c * libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c * libxml2: Use-after-free in xmlXIncludeDoProcess in xinclude.c * libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode * libxml2: Exponential entity expansion attack bypasses all existing protection mechanisms For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Product: |
libxml2 |
python3-libxml2 |