According to https://support.f5.com/csp/article/K05295469 older versions of libexpat have a serious security vulnerability. We use Strawberry Perl 5.30 for Windows, and there are seemingly several instances of libexpat in our release tree, including libexpat-1_.dll, libexpat.dll, libexpatw.dll and Expat.dll.
I have found on github a fixed version of libexpat.dll V2.4.4 which fixes the vulnerability, but I don't understand the relationship between it and the Perl wrappings which seem to have additional entry points (as displayed by dllexp.exe from https://www.nirsoft.net/utils/dll_export_viewer.html).
Does any Monk have suggestions on a way forward?