The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.
1.16.33-3.2ubuntu31.33.06-0ubuntu10.6.3-3build10.1.0+git20150808-10.1.0+git20150808-20.23.3-2ubuntu23.20.1+git20120521-63.20.1+git20120521-6build10.13+ds1-52.4.7-42.4.7-4build11.33.14-0.2ubuntu31.33.14-1ubuntu10.23.3-2ubuntu33.1.4~abc9f50+dfsg1-23.1.4~abc9f50+dfsg2-13.1.4~abc9f50+dfsg3-13.1.4~abc9f50+dfsg3-2Exploitability
AV:NAC:HPR:NUI:NScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H