Libexpat · Libexpat · CVE-2023-52425
**Name of the Vulnerable Software and Affected Versions**
libexpat versions 2.5.0 and earlier
**Description**
The issue is uncontrolled resource consumption in the libexpat library, which is used for XML parsing. A remote attacker can exploit it to cause a denial of service. The vulnerability arises when a large token requires multiple buffer fills, leading to many full reparsings.
**Recommendations**
For libexpat versions 2.5.0 and earlier, update libexpat to version 2.6 or later to resolve the issue.
As an alternative, for systems where Python is used, update Python to version 3.13 or later, which includes the updated libexpat library.
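One way to check the recommendations above against the expat build a Python runtime has actually loaded, and against a package inventory. This is an added example, not part of the original advisory; the helper names and the sample inventory are assumptions made for illustration, while `pyexpat.EXPAT_VERSION` and `pyexpat.version_info` are standard-library attributes.

```python
import re
import pyexpat

FIXED = (2, 6, 0)  # the advisory: "version 2.6 or later" resolves the issue

def parse_expat_version(text):
    """Turn 'expat_2.5.0', '2.6' or 'libexpat1 2.4.7-1' into a (major, minor, micro) tuple."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(p) if p else 0 for p in m.groups())

def is_affected(version):
    """True when the upstream version is below the fixed release named in the advisory."""
    if isinstance(version, str):
        version = parse_expat_version(version)
    padded = tuple(version) + (0,) * (3 - len(version))
    return padded[:3] < FIXED

def audit_inventory(entries):
    """Split (name, version string) pairs into affected names and names needing manual review."""
    affected, unparsed = [], []
    for name, version in entries:
        try:
            if is_affected(version):
                affected.append(name)
        except ValueError:
            unparsed.append(name)  # never treat an unreadable version as safe
    return affected, unparsed

def runtime_report():
    """Report on the expat this interpreter is linked against.

    Python can be built against a system libexpat, so check the linked
    library rather than relying on the Python version alone.
    """
    return {"expat": pyexpat.EXPAT_VERSION,
            "affected": is_affected(pyexpat.version_info)}

# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE_INVENTORY = [("web-01", "expat_2.5.0"), ("web-02", "2.6.2"),
                    ("build-01", "libexpat1 2.4.7-1"), ("legacy-01", "unknown")]

if __name__ == "__main__":
    print(runtime_report())
    print(audit_inventory(SAMPLE_INVENTORY))
```

The comparison uses the upstream version number only; a vendor package that backports the fix without changing that number has to be checked against the vendor's own advisory.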