In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. CREATE(Triage):(User=admin) CVE-2022-25314 (https://nvd.nist.gov/vuln/detail/CVE-2022-25314)