8 matches found
SUSE CVE-2023-7101
Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of...
OESA-2025-2507 perl-Spreadsheet-ParseExcel security update
The Spreadsheet::ParseExcel module can be used to read information from an Excel 95-2003 file. Security Fixes: Spreadsheet::ParseExcel version 0.65, a Perl module for parsing Excel files, is vulnerable to arbitrary code execution ACE due to passing unvalidated input from a file into a string-type...
The vulnerability of the Spreadsheet::ParseXLSX library for the Perl programming language arises from incorrect restrictions on XML references to external objects. This allows attackers to perform XXE attacks.
The vulnerability of the Spreadsheet::ParseXLSX library for the Perl programming language relates to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks using a specially created XLSX file...
Out-of-bounds
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the noxxe option of XML::Twig...
The vulnerability of the Spreadsheet::ParseExcel library in email security gateways of the Barracuda Email Security Gateway Appliance, related to the use of dangerous methods or functions, allows attackers to execute arbitrary code.
The vulnerability of the Spreadsheet::ParseExcel library, a microprogramming solution for email security gateways like Barracuda Email Security Gateway Appliance, is related to the use of dangerous methods or functions. Exploiting this vulnerability could allow an attacker to execute arbitrary co...
VulnCheck KEV: CVE-2023-7101
Spreadsheet::ParseExcel contains a remote code execution vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings within the Excel parsing logic...
Spreadsheet-ParseExcel Code Injection Vulnerability
Spreadsheet-ParseExcel is a module for extracting information from Excel files by the individual developer John McNamara in Ireland. A security vulnerability exists in Spreadsheet-ParseExcel version 0.65 that originates from passing unvalidated input from a file to a string, resulting in arbitrar...
PT-2023-8145
Name of the Vulnerable Software and Affected Versions Barracuda ESG Appliance versions 5.1.3.001 through 9.2.1.001 Description The issue is related to a case of arbitrary code execution that resides within a third-party and open-source library named Spreadsheet::ParseExcel, used by the Amavis...