There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.
{ "vanir_signatures": [ { "deprecated": false, "digest": { "line_hashes": [ "125923364555687102912767750593616075062", "164402031157988608807981467698484062586", "187480151731575691958788539215601771876", "198926099027557728522349673134118447470" ], "threshold": 0.9 }, "source": "https://gitlab.gnome.org/GNOME/libxml2@1358d157d0bd83be1dfe356a69213df9fac0b539", "signature_type": "Line", "id": "CVE-2021-3516-414b5298", "signature_version": "v1", "target": { "file": "xmllint.c" } } ] }