Tinyxml · Tinyxml · CVE-2021-42260
**Name of the Vulnerable Software and Affected Versions**
TinyXML versions 2.6.2 and earlier
**Description**
The issue is related to an infinite loop in the `TiXmlParsingData::Stamp` function within the `tinyxmlparser.cpp` component of the TinyXML XML parser. This can be triggered by a crafted XML message, leading to a denial of service. The vulnerability can be exploited by a remote attacker.
**Recommendations**
For TinyXML versions 2.6.2 and earlier, consider disabling the `TiXmlParsingData::Stamp` function until a patch is available to prevent potential denial of service attacks.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.