[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2023-7101: Spreadsheet::ParseExcel for Perl is vulnerable to arbitrary code execu
From: Stig Palmquist <stig () stig ! io>
Date: 2023-12-29 15:57:51
Message-ID: u_37zo4-c8MMB7MsMhIWnl6UEq-x6XthS05w8OvrztTMgixZQWX1nf2zdsHsobnpojkG2ya44HMch-biNuT4sRGWS16EGd0EKWerHgtgmZA= () stig ! io
[Download RAW message or body]
[Attachment #2 (text/plain)]
Hi,
The CPAN Security WG was recently informed that the Perl module Spreadsheet::ParseExcel 0.65 \
(and earlier) is vulnerable to arbitrary code execution.
Users should upgrade to version 0.66 as soon as possible.
Updated Version:
https://metacpan.org/release/JMCNAMARA/Spreadsheet-ParseExcel-0.66
Patch:
https://github.com/jmcnamara/spreadsheet-parseexcel/commit/bd3159277e745468e2c553417b35d5d7dc7405bc.patch
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7101
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
Best,
Stig
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic