CVE-2021-3541

Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion) in conan/libxml2

Identifier

CVE-2021-3541

Package Slug

conan/libxml2

Vulnerability

Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion)

Description

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

Affected Versions

All versions before 2.9.11

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-07-13

source