12 matches found
openSUSE Security Advisory (openSUSE-SU-2024:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Spreadsheet::ParseXLSX vulnerabilities (USN-6769-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6769-1 advisory. Le Dinh Hai discovered that Spreadsheet::ParseXLSX did not properly manage memory during cell merge operations. An attacker could...
openSUSE Security Advisory (openSUSE-SU-2024:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : perl-Spreadsheet-ParseXLSX (2024-fa14bfd3b5)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fa14bfd3b5 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 39 : perl-Spreadsheet-ParseXLSX (2024-5f136f5d10)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f136f5d10 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...
Debian: Security Advisory (DLA-3723-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3723-1] libspreadsheet-parsexlsx-perl security update
Debian LTS Advisory DLA-3723-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin January 27, 2024 https://wiki.debian.org/LTS Package : libspreadsheet-parsexlsx-perl Version : 0.27-2+deb10u1 CVE ID : CVE-2024-22368 CVE-2024-23525 Debian Bug : 1061098 Security...
Debian dla-3723 : libspreadsheet-parsexlsx-perl - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3723 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3723-1 [email protected]...
openSUSE 15 Security Update : perl-Spreadsheet-ParseXLSX (openSUSE-SU-2024:0021-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0021-1 advisory. - The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs...
CVE-2024-22368
CVE-2024-22368 affects Spreadsheet::ParseXLSX (Perl) prior to 0.28, where memory exhaustion can occur during parsing of crafted XLSX files. The root cause is the memoize implementation not constraining merged cells, enabling an out-of-memory condition. Public advisories (Ubuntu USN-6769-1, Fedora...
CVE-2024-22368
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...
CVE-2024-22368
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...