diff --git a/CVE-2021-31348.patch b/CVE-2021-31348.patch
new file mode 100644
index 0000000000000000000000000000000000000000..b27f9719d79c2690250511b0c3613018c23c8048
--- /dev/null
+++ b/CVE-2021-31348.patch
@@ -0,0 +1,12 @@
+diff -Naru "netcdf-c-4.7.3 copy/libdap4/ezxml.c" netcdf-c-4.7.3/libdap4/ezxml.c
+--- "netcdf-c-4.7.3 copy/libdap4/ezxml.c" 2022-07-13 10:24:32.128424000 +0800
++++ netcdf-c-4.7.3/libdap4/ezxml.c 2022-07-13 10:24:57.220170000 +0800
+@@ -574,7 +574,7 @@
+ for (l = 0; *s && ((! l && *s != '>') || (l && (*s != ']' ||
+ *(s + strspn(s + 1, EZXML_WS) + 1) != '>')));
+ l = (*s == '[') ? 1 : l) s += strcspn(s + 1, "[]>") + 1;
+- if (! *s && e != '>')
++ if (! *s)
+ return ezxml_err(root, d, "unclosed xml;
diff --git a/netcdf.spec b/netcdf.spec
index 7afa414263f6c31c9478e11449079ca71aac93e3..a89776c348cac7f770afadd5f78e394b93f8473e 100644
--- a/netcdf.spec
+++ b/netcdf.spec
@@ -1,11 +1,12 @@
 Name: netcdf
 Version: 4.7.3
-Release: 1
+Release: 2
 Summary: Libraries for the Unidata network Common Data Form
 License: NetCDF
 URL: https://github.com/Unidata/netcdf-c
 Source0: https://github.com/Unidata/netcdf-c/archive/v%{version}/%{name}-%{version}.tar.gz
+Patch0000: CVE-2021-31348.patch
 BuildRequires: make
 BuildRequires: environment-modules
@@ -291,6 +292,9 @@ make %{?_smp_mflags} -C build check
 %endif
 %changelog
+* Wed Jul 13 2022 dengyuyu - 4.7.3-2
+- fix CVE-2021-31348
+
 * Fri Tue 30 2021 caodongxia - 4.7.3-1
 - Upgrade to 4.7.3
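Review bot: The embedded patch starts directly at `diff -Naru` with no header, so the package records neither where this fix for CVE-2021-31348 came from nor what it changes; add a short header above it, such as `Origin: <upstream commit or advisory reference>` and `Subject: ezxml: treat a DOCTYPE that runs to the end of the buffer as unclosed`. The change itself, `if (! *s)` in place of `if (! *s && e != '>')`, makes the error return unconditional once the scan has stopped on the terminator, presumably so that the code after the check never advances `s` past the end of the buffer. The last lines of the inner hunk are garbled in this view (`"unclosed xml;`), so the statements after the check could not be reviewed. The enclosing function starts and ends outside the hunk.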
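Review bot: `Patch0000` is declared in the preamble, but neither spec hunk shows it being applied, so confirm that `%prep` (outside this diff) uses `%autosetup -p1` or carries an explicit `%patch` line for patch 0. A patch that is declared but never applied would ship 4.7.3-2 with the old `ezxml.c` while the changelog states the CVE is fixed. Strip level 1 is needed because the new-side path in the patch is `netcdf-c-4.7.3/libdap4/ezxml.c`.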