libexpat before 2
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
Exploitability
AV:L
AC:H
PR:N
UI:N
Scope
S:U
Impact
C:N
I:N
A:L
2.9/CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Other
CWE-331