CVE-2021-3541

MEDIUM

libxml2 - DoS

Title source: llm

Description

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

References (3)

[Issue Tracking, Patch, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=1950515

[Patch, Third Party Advisory] https://www.oracle.com/security-alerts/cpujan2022.html

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20210805-0007/

Scores

CVSS v3 6.5

EPSS 0.0006

EPSS Percentile 18.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-776

Status published

Products (19)

netapp/active_iq_unified_manager

netapp/cloud_backup

netapp/clustered_data_ontap

netapp/clustered_data_ontap_antivirus_connector

netapp/h300e_firmware

netapp/h300s_firmware

netapp/h410c_firmware

netapp/h410s_firmware

netapp/h500e_firmware

netapp/h500s_firmware

... and 9 more

Published Jul 09, 2021

Tracked Since Feb 18, 2026