Douglas Wilson Spreadsheet Parseexcel vulnerabilities

1 known vulnerability affecting douglas_wilson/spreadsheet_parseexcel.

Total CVEs

1

CISA KEV

1

actively exploited

Public exploits

0

Exploited in wild

1

Severity breakdown

HIGH1

Vulnerabilities

Page 1 of 1

CVE-2023-7101HIGHCVSS 7.8KEVv0.652023-12-24

CVE-2023-7101 [HIGH] CWE-95 CVE-2023-7101: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::Par Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-styl