Vulnerabilities > Tozt

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2024-23525 XXE vulnerability in Tozt Spreadsheet::Parsexlsx
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.
network
low complexity
tozt CWE-611
6.5
6.5
2024-01-09 CVE-2024-22368 Unspecified vulnerability in Tozt Spreadsheet::Parsexlsx
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document.
local
low complexity
tozt
5.5
5.5