View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-0718 medium priority: Ubuntu including 28 source packages (audacity, ayttm, …), 661 status rows across 24 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, precise, questing, trusty, upstream, wily, xenial, yakkety, zesty): not-affected 225, DNE 205, ignored 145, released 36, needed 29, needs-triage 21.
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.