libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.
https://lists.debian.org/debian-lts-announce/2020/04/msg00002.html
https://github.com/libimobiledevice/libplist/issues/88
http://www.securityfocus.com/bid/96022