A use-after-free vulnerability was discovered in XML::LibXML, a Perl interface to the libxml2 library, allowing an attacker to execute arbitrary code by controlling the arguments to a replaceChild call.