From 3a292997ede4668bd4d06b95849225750c1c1d8b Mon Sep 17 00:00:00 2001 From: Michael Chirico Date: Thu, 28 Dec 2023 10:14:58 +0800 Subject: [PATCH 1/5] Entry for gdata ParseExcel vulnerability --- vulns/gdata/RSEC-2023-9.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 vulns/gdata/RSEC-2023-9.yaml diff --git a/vulns/gdata/RSEC-2023-9.yaml b/vulns/gdata/RSEC-2023-9.yaml new file mode 100644 index 0000000..cbe9c48 --- /dev/null +++ b/vulns/gdata/RSEC-2023-9.yaml @@ -0,0 +1,30 @@ +id: RSEC-2023-8 +details: Bundled Perl script Spreadsheet::ParseExcel version 0.65 is vulnerable to an arbitrary code execution (ACE) + vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems + from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel + parsing logic. Fixed with the depreation of Excel-related functionality from gdata version 3.0.0 -- upgrading advised. +summary: Arbitrary Code Execution (ACE) Vulnerability +affected: +- package: + name: gdata + ecosystem: CRAN + ranges: + - type: ECOSYSTEM + events: + - introduced: "2.16.1" + - fixed: "3.0.0" + versions: + - "2.16.1" + - "2.17.0" + - "2.18.0" + - "2.18.0.1" + - "2.19.0" + - "3.0.0" +references: +- type: WEB + url: https://security-tracker.debian.org/tracker/CVE-2023-7101 +- type: WEB + url: https://github.com/r-gregmisc/gdata/issues/14 +aliases: +- CVE-2023-7101 +published: "2023-12-28T02:15:00.000Z" From 8a4edf687d7f61f8262982635ebadea366c88933 Mon Sep 17 00:00:00 2001 From: Tyler Finethy Date: Thu, 4 Jan 2024 11:27:43 -0500 Subject: [PATCH 2/5] Update vulns/gdata/RSEC-2023-9.yaml --- vulns/gdata/RSEC-2023-9.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/vulns/gdata/RSEC-2023-9.yaml b/vulns/gdata/RSEC-2023-9.yaml index cbe9c48..389a607 100644 --- a/vulns/gdata/RSEC-2023-9.yaml +++ b/vulns/gdata/RSEC-2023-9.yaml @@ -19,7 +19,6 @@ affected: - "2.18.0" - "2.18.0.1" - "2.19.0" - - "3.0.0" references: - type: WEB url: https://security-tracker.debian.org/tracker/CVE-2023-7101 From 83e6c34577e87a04ac372f93f85fb7236cfcb9c0 Mon Sep 17 00:00:00 2001 From: Tyler Finethy Date: Thu, 4 Jan 2024 11:28:38 -0500 Subject: [PATCH 3/5] Update latest-id.txt --- latest-id.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/latest-id.txt b/latest-id.txt index a519294..2f4c9f9 100644 --- a/latest-id.txt +++ b/latest-id.txt @@ -1 +1 @@ -2023-8 +2023-9 From 86b4fdb8eddcda75a65051d7a1f0e36acfeac14a Mon Sep 17 00:00:00 2001 From: Tyler Finethy Date: Thu, 4 Jan 2024 11:29:10 -0500 Subject: [PATCH 4/5] Update vulns/gdata/RSEC-2023-9.yaml --- vulns/gdata/RSEC-2023-9.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulns/gdata/RSEC-2023-9.yaml b/vulns/gdata/RSEC-2023-9.yaml index 389a607..da4bab5 100644 --- a/vulns/gdata/RSEC-2023-9.yaml +++ b/vulns/gdata/RSEC-2023-9.yaml @@ -1,4 +1,4 @@ -id: RSEC-2023-8 +id: RSEC-2023-9 details: Bundled Perl script Spreadsheet::ParseExcel version 0.65 is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel From 805f92b3918ad77b9c15c9ac2e8c586e98a6fc0c Mon Sep 17 00:00:00 2001 From: Tyler Finethy Date: Thu, 4 Jan 2024 11:30:23 -0500 Subject: [PATCH 5/5] Update vulns/gdata/RSEC-2023-9.yaml --- vulns/gdata/RSEC-2023-9.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/vulns/gdata/RSEC-2023-9.yaml b/vulns/gdata/RSEC-2023-9.yaml index da4bab5..530338c 100644 --- a/vulns/gdata/RSEC-2023-9.yaml +++ b/vulns/gdata/RSEC-2023-9.yaml @@ -27,3 +27,4 @@ references: aliases: - CVE-2023-7101 published: "2023-12-28T02:15:00.000Z" +modified: "2024-01-04T02:15:00.000Z"