CVE-2023-7101

NameCVE-2023-7101
DescriptionSpreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3702-1, DSA-5592-1
Debian Bugs1059450

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libspreadsheet-parseexcel-perl (PTS)buster0.6500-1vulnerable
buster (security)0.6500-1+deb10u1fixed
bullseye (security), bullseye0.6500-1.1+deb11u1fixed
bookworm, bookworm (security)0.6500-4~deb12u1fixed
sid, trixie0.6600-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libspreadsheet-parseexcel-perlsourcebuster0.6500-1+deb10u1DLA-3702-1
libspreadsheet-parseexcel-perlsourcebullseye0.6500-1.1+deb11u1DSA-5592-1
libspreadsheet-parseexcel-perlsourcebookworm0.6500-4~deb12u1DSA-5592-1
libspreadsheet-parseexcel-perlsource(unstable)0.6500-41059450

Notes

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
https://github.com/haile01/perl_spreadsheet_excel_rce_poc
https://github.com/runrig/spreadsheet-parseexcel/issues/33
Fixed by: https://github.com/jmcnamara/spreadsheet-parseexcel/commit/bd3159277e745468e2c553417b35d5d7dc7405bc (CPAN_0.66)
Search for package or bug name: Reporting problems