CVE-2021-3541

Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion) in nuget/libxml2.vc140_xp.mt.static.x86

Identifier

CVE-2021-3541

Package Slug

nuget/libxml2.vc140_xp.mt.static.x86

Vulnerability

Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion)

Description

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

Affected Versions

All versions before 2.9.11

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-07-13

source