VYPR
High severity8.2NVD Advisory· Published Feb 15, 2017· Updated Jun 17, 2026

CVE-2017-5992

CVE-2017-5992

Description

Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
openpyxlPyPI
< 2.4.22.4.2

Affected products

3

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.