CVE-2018-19277
N/A
N/A
Summary
securityScan() in PHPOffice PhpSpreadsheet through 1.5.0 allows a bypass of protection mechanisms for XXE via UTF-7 encoding in a .xlsx file
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/PHPOffice/PhpSpreadsheet/issues/771
- https://www.bishopfox.com/news/2018/11/phpoffice-versions/
- https://github.com/MewesK/TwigSpreadsheetBundle/issues/18
- https://www.drupal.org/sa-contrib-2021-043
References
- https://github.com/PHPOffice/PhpSpreadsheet/issues/771
- https://www.bishopfox.com/news/2018/11/phpoffice-versions/
- https://github.com/MewesK/TwigSpreadsheetBundle/issues/18
- https://www.drupal.org/sa-contrib-2021-043
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.