haile01/perl_spreadsheet_excel_rce_poc

Releases: 0
Stars: 18
POC for an RCE vulnerability in the ParseExcel library, and in ParseXLSX too, as a dependent library

CVE History

CVE | Published | CVSS v3 | CVSS v2
5.5 MEDIUM

The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.

9.8 CRITICAL

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection. This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.