CVE-2021-3518

EPSS 0.25% · P48 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-3518

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

释放后使用

Source: NVD (National Vulnerability Database)

Vulnerability Title

libxml2 资源管理错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

libxml2是开源的一个用来解析XML文档的函数库。它用C语言写成，并且能为多种语言所调用，例如C语言，C++，XSH。 libxml2 中xinclude.c存在资源管理错误漏洞，该漏洞源于网络系统或产品对系统资源（如内存、磁盘空间、文件等）的管理不当。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	libxml2	libxml2 2.9.11	-

II. Public POCs for CVE-2021-3518

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-3518

请登录查看更多情报信息。

https://www.oracle.com/security-alerts/cpuoct2021.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpuapr2022.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpujul2022.htmlx_refsource_MISC
https://support.apple.com/kb/HT212605x_refsource_CONFIRM
About the security content of tvOS 14.7 - Apple Supportx_refsource_CONFIRM
https://support.apple.com/kb/HT212601x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1954242x_refsource_MISC
https://support.apple.com/kb/HT212602x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20210625-0002/x_refsource_CONFIRM
https://security.gentoo.org/glsa/202107-05vendor-advisoryx_refsource_GENTOO
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/vendor-advisoryx_refsource_FEDORA
http://seclists.org/fulldisclosure/2021/Jul/59mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2021/Jul/58mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2021/Jul/55mailing-listx_refsource_FULLDISC
http://seclists.org/fulldisclosure/2021/Jul/54mailing-listx_refsource_FULLDISC
https://lists.debian.org/debian-lts-announce/2021/05/msg00008.htmlmailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Emailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Emailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2021-3518

Same Patch Batch · n/a · 2021-05-18 · 39 CVEs total

CVE-2020-23851		ffjpeg 缓冲区错误漏洞
CVE-2021-3200		libsolv 缓冲区错误漏洞
CVE-2021-32305		websvn 操作系统命令注入漏洞
CVE-2020-20951		Pluck 命令注入漏洞
CVE-2020-24740		Pluck 跨站请求伪造漏洞
CVE-2020-23861		GNU LibreDWG 缓冲区错误漏洞
CVE-2021-32238		Epic Games Rocket League 缓冲区错误漏洞
CVE-2020-23856		GNU cflow 资源管理错误漏洞
CVE-2020-24026		TinyShop 跨站脚本漏洞
CVE-2020-23852		ffjpeg 缓冲区错误漏洞
CVE-2020-18178		HongCMS 路径遍历漏洞
CVE-2020-20254		Mikrotik RouterOs 代码问题漏洞
CVE-2020-20253		MikroTik RouterOS 数字错误漏洞
CVE-2021-30145		node-mpv 格式化字符串错误漏洞
CVE-2021-22117		Pivotal Software RabbitMQ 代码注入漏洞
CVE-2020-25709		OpenLDAP 安全漏洞
CVE-2002-2438		TCP 授权问题漏洞
CVE-2021-31827		Progress Software MOVEit Transfer SQL注入漏洞
CVE-2021-3531		Red Hat Ceph 输入验证错误漏洞
CVE-2020-19924		BoostIO Boostnote 跨站脚本漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: libxml2

Same vendor: n/a

Same weakness: CWE-416

V. Comments for CVE-2021-3518

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-3518

I. Basic Information for CVE-2021-3518

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-3518

III. Intelligence Information for CVE-2021-3518

Same Patch Batch · n/a · 2021-05-18 · 39 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-3518

Leave a comment