Tim Boddy discovered that Expat, contained within the xmltok library, did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources.
1.2-4ubuntu0.18.04.1~esm51.2-4ubuntu0.20.04.1~esm51.2-4ubuntu0.22.04.1~esm51.2-4.1ubuntu2.24.0.4.1+esm3