CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

Fedora 39 : perl-Spreadsheet-ParseXLSX (2024-5f136f5d10)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5f136f5d10 advisory. Update to latest version Security fix for CVE-2024-22368 Tenable has extracted the preceding description block directly from the Fedora security...

Debian dla-3723 : libspreadsheet-parsexlsx-perl - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3723 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3723-1 [email protected]...

openSUSE 15 Security Update : perl-Spreadsheet-ParseXLSX (openSUSE-SU-2024:0021-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0021-1 advisory. - The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs...

CVE-2024-22368

The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...

Ubuntu 16.04 ESM : openpyxl vulnerability (USN-4821-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4821-1 advisory. It was discovered that openpyxl incorrectly handled certain documents. A remote attacker could possibly use this issue to cause a denial of service or other...

Improper Restriction of XML External Entity Reference in Openpyxl

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document...

Denial of Service

Overview SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js. Recommendation Upgrade to version 0.17.0 or later References - GitHub Advisory - CVE...

GHSA-3X9F-74H4-2FQR Denial of Service in SheetJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

GHSA-8VCR-VXM8-293M Denial of Service in SheetsJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...

Denial of Service in SheetsJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...

Denial of Service in SheetJS Pro

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js...

CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

Design/Logic Flaw

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...

CVE-2021-32013

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...

CVE-2021-32013

Affected software: SheetJS and SheetJS Pro up to version 0.16.9. Issue: memory consumption denial of service when reading a crafted .xlsx file via xlsx.js (issue 2 of 2). Impact: DoS due to parsing/memory handling. Remediation: upgrade to SheetJS/xlsx 0.17.0 or higher. Public references in connec...

CVE-2021-32012

SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 1 of 2...

CVE-2021-32012

CVE-2021-32012 affects SheetJS and SheetJS Pro up to version 0.16.9. A crafted .xlsx document read by xlsx.js can cause a denial of service via memory consumption (issue 1 of 2). Exploitation details are described in the connected documents; the attack targets the XSLX reader logic. Mitigation: u...

PhpSpreadsheet 1.5.0 - XML External Entity (XXE)

PhpSpreadsheet 1.5.0 - XML External Entity XXE Product Description PhpSpreadsheet is a library written in pure PHP that provides a set of classes allowing users to read from and write to different spreadsheet file formats, such as Excel and LibreOffice Calc. Vulnerabilities List One vulnerability...

CVE-2017-5992

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document...