First published: Wed Nov 03 2021(Updated: )
An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libxls Project Libxls | =1.6.2 | |
Fedoraproject Fedora | =33 | |
Fedoraproject Fedora | =34 | |
Fedoraproject Fedora | =35 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-27836.
The severity of CVE-2021-27836 is medium with a CVSS score of 6.5.
This vulnerability can be exploited by attackers through a crafted XLS file.
To mitigate the risk associated with CVE-2021-27836, it is recommended to update to the latest version of libxls (1.6.3 or later) or apply the necessary patches provided by the vendor.
You can find more information about CVE-2021-27836 on the following references: [link1], [link2], [link3].