CVE-2021-21811

Name of the Vulnerable Software and Affected Versions Xmill version 0.7

Description A memory corruption issue exists in the XML-parsing CreateLabelOrAttrib functionality. This can be triggered by a specially crafted XML file, leading to a heap buffer overflow. An attacker can exploit this by providing a malicious file, potentially allowing remote execution of arbitrary code.

Recommendations For Xmill version 0.7, consider disabling the CreateLabelOrAttrib functionality until a patch is available to prevent potential exploitation. Restrict access to handling XML files to minimize the risk of triggering the heap buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.