CVE-2021-21810

Name of the Vulnerable Software and Affected Versions Xmill version 0.7

Description A memory corruption issue exists in the XML-parsing ParseAttribs functionality. This can be triggered by a specially crafted XML file, leading to a heap buffer overflow. An attacker can exploit this by providing a malicious file, potentially allowing remote code execution.

Recommendations For Xmill version 0.7, consider disabling the ParseAttribs functionality until a patch is available to prevent potential exploitation. Restrict access to parsing untrusted XML files to minimize the risk of heap buffer overflow. Avoid using Xmill version 0.7 for parsing XML files from unverified sources until the issue is resolved.