3 matches found
CVE-2026-54063
Excelize CVE-2026-54063: The library vulnerable due to checkSheet() using attacker-controlled row attribute to allocate memory for xlsxRow slices without enforcing the Excel row limit. This can cause (A) out-of-memory leading to process kill and (B) runtime panic from out-of-bounds indexing when ...
SUSE CVE-2024-22368
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells...
WPS-Forms XXE vulnerability in xlsx parsing
WPS-Forms is an office software. WPS Forms suffers from an XXE vulnerability in xlsx parsing. This allows attackers to exploit the vulnerability to cause the disclosure of sensitive user information as well as a DoS Denial of Service on the user's system...