addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
9.8CVSS
9.5AI Score
0.005EPSS
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
9.8CVSS
9.5AI Score
0.018EPSS
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
9.8CVSS
9.5AI Score
0.015EPSS
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
9.8CVSS
9.6AI Score
0.015EPSS