Количество 2
Количество 2
CVE-2022-23640
Excel-Streaming-Reader is an easy-to-use implementation of a streaming Excel reader using Apache POI. Prior to xlsx-streamer 2.1.0, the XML parser that was used did apply all the necessary settings to prevent XML Entity Expansion issues. Upgrade to version 2.1.0 to receive a patch. There is no known workaround.
GHSA-xvm2-9xvc-hx7f
Improper Restriction of XML External Entity Reference in com.monitorjbl:xlsx-streamer
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23640 Excel-Streaming-Reader is an easy-to-use implementation of a streaming Excel reader using Apache POI. Prior to xlsx-streamer 2.1.0, the XML parser that was used did apply all the necessary settings to prevent XML Entity Expansion issues. Upgrade to version 2.1.0 to receive a patch. There is no known workaround. | CVSS3: 9.8 | 0% Низкий | почти 4 года назад |
| GHSA-xvm2-9xvc-hx7f Improper Restriction of XML External Entity Reference in com.monitorjbl:xlsx-streamer | CVSS3: 9.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу