GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse in gmarkup.c, related to utf8_str.