Insecure deserialization In libxml2
Description
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Aliases
1. 2. 3. 4. 5. 6.