oss-sec mailing list archives
CVE-2023-7101: Spreadsheet::ParseExcel for Perl is vulnerable to arbitrary code execution
From: Stig Palmquist <stig () stig io>
Date: Fri, 29 Dec 2023 15:57:51 +0000
Hi, The CPAN Security WG was recently informed that the Perl module Spreadsheet::ParseExcel 0.65 (and earlier) is vulnerable to arbitrary code execution. Users should upgrade to version 0.66 as soon as possible. Updated Version: https://metacpan.org/release/JMCNAMARA/Spreadsheet-ParseExcel-0.66 Patch: https://github.com/jmcnamara/spreadsheet-parseexcel/commit/bd3159277e745468e2c553417b35d5d7dc7405bc.patch References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7101 https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md Best, Stig
Current thread:
- CVE-2023-7101: Spreadsheet::ParseExcel for Perl is vulnerable to arbitrary code execution Stig Palmquist (Dec 29)