29 matches found
EUVD-2024-19927
Malicious code in bioql PyPI...
EUVD-2024-21020
Malicious code in bioql PyPI...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
openSUSE Security Advisory (openSUSE-SU-2024:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Spreadsheet::ParseXLSX vulnerabilities (USN-6769-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6769-1 advisory. Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could...
openSUSE Security Advisory (openSUSE-SU-2024:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: perl-Spreadsheet-ParseXLSX-0.31-1.fc39
This module is an adaptor for that reads XLSX files. For documentation about the various data that you can retrieve from these classes, please see , , , and...
Fedora: Security Advisory (FEDORA-2024-5f136f5d10)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : perl-Spreadsheet-ParseXLSX (2024-5f136f5d10)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f136f5d10 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 38 : perl-Spreadsheet-ParseXLSX (2024-fa14bfd3b5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa14bfd3b5 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory for perl-Spreadsheet-ParseXLSX (FEDORA-2024-fa14bfd3b5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
XML External Entity (XXE)
Spreadsheet::ParseXLSX is vulnerable to XML External Entity XXE. The vulnerability is caused due to neglecting noxxe option of XML::Twig. This can be exploited to compromise Confidentiality of the system...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
DEBIAN-CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
UBUNTU-CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
CVE-2024-23525
CVE-2024-23525 affects Spreadsheet::ParseXLSX (Perl) versions prior to 0.30, where XXE is possible because XML::Twig is not invoked with the no_xxe option. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) yields a base score of 6.5 (Medium) with high impact on confidentiality, no impact ...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
CVE-2024-23525
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...