In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. CREATE(Triage):(User=admin) CVE-2022-25313 (https://nvd.nist.gov/vuln/detail/CVE-2022-25313)