VYPR

rpm package

opensuse/perl-Spreadsheet-ParseXLSX&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/perl-Spreadsheet-ParseXLSX&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2024-23525Jan 17, 2024
    affected < 0.310.0-1.1fixed 0.310.0-1.1

    The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.

  • CVE-2024-22368Jan 9, 2024
    affected < 0.290.0-2.1fixed 0.290.0-2.1

    The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.