CVE-2021-27836
MEDIUMlibxls 1.6.2 - Denial of Service via Crafted XLS File
Title source: llmDescription
An issue was discoverered in in function xls_getWorkSheet in xls.c in libxls 1.6.2, allows attackers to cause a denial of service, via a crafted XLS file.
References (4)
Core 4
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/libxls/libxls/issues/94
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFOE4Z6T46LA47VXWUVET4ELXRZQ3BWB/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y6XOTFEOCHYKZAFCB6H3KNIIFJ3UFV7V/
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5D7XXCVFYRRMI4ENXYSD3MZEBS6SMI7E/
Scores
CVSS v3
6.5
EPSS
0.0042
EPSS Percentile
62.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (4)
fedoraproject/fedora
33
fedoraproject/fedora
34
fedoraproject/fedora
35
libxls_project/libxls
1.6.2
Published
Nov 03, 2021
Tracked Since
Feb 18, 2026