libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
| Version | Score | Severity | Vector String |
|---|---|---|---|
| 3.1 | 7.2 | High | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C |
| Product | Vendor | Version |
|---|---|---|
| libexpat | libexpat project | n/a |
| libexpat | libexpat project | QCM6490 |