In doProlog in xmlparse
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
Exploitability
AC:H
AV:N
PR:N
UI:N
Scope
S:U
Impact
A:H
C:H
I:H
8.1/CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N