Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
Exploitability
AC:HAV:NPR:NUI:NScope
S:UImpact
A:HC:HI:H8.1/CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N