CVE-2017-5130: Out-of-bounds Write

February 7, 2018 (updated July 19, 2019)

An integer overflow in xmlmemory.c in libxml2, as used in Google Chrome and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

References

nvd.nist.gov/vuln/detail/CVE-2017-5130

Code Behaviors & Features

Detect and mitigate CVE-2017-5130 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →