CVE-2024-47873
CVSS V2 None
CVSS V3 None
Description
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which should prevent XXE attacks. However, prior to versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0, the regexes used in the `scan` method and the findCharSet method can be bypassed by using UCS-4 and encoding guessing. An attacker can bypass the sanitizer and achieve an XML external entity attack. Versions 1.9.4, 2.1.3, 2.3.2, and 3.4.0 fix the issue.
Overview
- CVE ID
- CVE-2024-47873
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-18T17:03:00.366Z
- Last Modified Date
- 2024-11-18T18:28:36.292Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/PHPOffice/PhpSpreadsheet/security/advisories/GHSA-jw4x-v69f-hh5w | x_refsource_CONFIRM |
| https://github.com/PHPOffice/PhpSpreadsheet/blob/39fc51309181e82593b06e2fa8e45ef8333a0335/src/PhpSpreadsheet/Reader/Security/XmlScanner.php | x_refsource_MISC |
| https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing | x_refsource_MISC |
| https://www.w3.org/TR/xml/#sec-guessing-no-ext-info | x_refsource_MISC |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-47873 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47873 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-19 13:18:50 | Added to TrackCVE |