CVE-2021-3537 - Xmlsoft Libxml2, Debian Debian Linux and Redhat Jboss Core Services
Moderate 5.9
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
Affected software
Xmlsoft Libxml2
Debian Debian Linux
Redhat Jboss Core Services
Redhat Enterprise Linux
Fedoraproject Fedora