CPANTS

Spreadsheet-ParseExcel 0.27_03 Deleted

Security Advisories

CVE-2023-7101

Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic.

Fixed version: >=0.66

Reported: 2023-12-24

Kwalitee Issues

This is not the latest release. The following issues may have already been fixed in the newer releases.

no_pod_errors

Remove the POD errors. You can check for POD errors automatically by including Test::Pod to your test suite.

Error: Spreadsheet-ParseExcel-0.27_03/lib/Spreadsheet/ParseExcel.pm -- Around line 2600: Non-ASCII character seen before =encoding in 'ReziÄ,'. Assuming UTF-8

5 Extra Issues

meta_yml_declares_perl_version

If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.

has_meta_json

Add a META.json to the distribution. Your buildtool should be able to autogenerate it.

use_warnings

Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.

Error: Spreadsheet::ParseExcel::FmtUnicode

no_unauthorized_packages

Ask the owner of the distribution (the one who released it first, or the one who is designated in x_authority) to give you a (co-)maintainer's permission.

Error:

Spreadsheet::ParseExcel
Spreadsheet::ParseExcel::Cell
Spreadsheet::ParseExcel::Dump
Spreadsheet::ParseExcel::FmtDefault
Spreadsheet::ParseExcel::FmtJapan
Spreadsheet::ParseExcel::FmtJapan2
Spreadsheet::ParseExcel::FmtUnicode
Spreadsheet::ParseExcel::Font
Spreadsheet::ParseExcel::Format
Spreadsheet::ParseExcel::SaveParser
Spreadsheet::ParseExcel::SaveParser::Workbook
Spreadsheet::ParseExcel::SaveParser::Worksheet
Spreadsheet::ParseExcel::Utility
Spreadsheet::ParseExcel::Workbook
Spreadsheet::ParseExcel::Worksheet

consistent_version

Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).

Error: 0.01,0.05,0.06,0.27_03

2 Experimental Issues

meta_yml_has_repository_resource: Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
has_separate_license_file: This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.

Modules

Name	Abstract	Version	View
Spreadsheet::ParseExcel	Get information from Excel file	0.27_03	metacpan
Spreadsheet::ParseExcel::Cell			metacpan
Spreadsheet::ParseExcel::Dump		0.01	metacpan
Spreadsheet::ParseExcel::FmtDefault		0.05	metacpan
Spreadsheet::ParseExcel::FmtJapan		0.05	metacpan
Spreadsheet::ParseExcel::FmtJapan2		0.05	metacpan
Spreadsheet::ParseExcel::FmtUnicode		0.05	metacpan
Spreadsheet::ParseExcel::Font			metacpan
Spreadsheet::ParseExcel::Format			metacpan
Spreadsheet::ParseExcel::SaveParser	Expand of Spreadsheet::ParseExcel with Spreadsheet::WriteExcel	0.01	metacpan
Spreadsheet::ParseExcel::SaveParser::Workbook		0.06	metacpan
Spreadsheet::ParseExcel::SaveParser::Worksheet		0.01	metacpan
Spreadsheet::ParseExcel::Utility	Utility function for Spreadsheet::ParseExcel	0.06	metacpan
Spreadsheet::ParseExcel::Workbook			metacpan
Spreadsheet::ParseExcel::Worksheet			metacpan

Other Files


Build.PL	metacpan
Changes	metacpan
MANIFEST	metacpan
META.yml	metacpan
Makefile.PL	metacpan
README	metacpan
README_Japan.htm	metacpan