Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
xlnt-community xlnt Encrypted XLSX File compound_document.cpp read_directory out-of-bounds
Vulnerability Description
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compound_document::read_directory of the file source/detail/cryptography/compound_document.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called 147. Applying a patch is advised to resolve this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
跨界内存读
Vulnerability Title
xlnt 缓冲区错误漏洞
Vulnerability Description
xlnt是xlnt-community开源的一个C++语言库。 xlnt-community xlnt 1.6.1及之前版本存在缓冲区错误漏洞,该漏洞源于对文件source/detail/cryptography/compound_document.cpp中函数read_directory的错误操作,可能导致越界读取。
CVSS Information
N/A
Vulnerability Type
N/A