Описание
xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file.
Ссылки
- Patch
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- Patch
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.1.2 (включая) до 0.2.34 (включая)
cpe:2.3:a:xlsxio_project:xlsxio:*:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
xlsxio v0.1.2 to v0.2.34 was discovered to contain a free of uninitialized pointer in the xlsxioread_sheetlist_close() function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XLSX file.
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
Дефекты
CWE-416