Toddr

**Name of the Vulnerable Software and Affected Versions** XML::LibXML versions prior to 2.0211 **Description** XML::LibXML for Perl reads out-of-bounds heap memory when parsing XML node names that contain truncated UTF-8 byte sequences. A node name ending in the middle of a multi-byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory. Any Perl process passing attacker-controlled strings to DOM node-name methods can trigger this issue on the default API, likely resulting in a crash and denial of service. **Recommendations** Update to version 2.0211 or later.