Libexpat Project: >> Libexpat >> 2.6.4 Security Vulnerabilities
In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
CVSS Score
2.9
EPSS Score
0.0
Published
2025-11-28
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-15