Browse all 7 CVE security advisories affecting libxls. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Libxls is a C library for parsing Excel files, primarily used in applications requiring spreadsheet data processing without Microsoft dependencies. Historically, it has been vulnerable to memory corruption issues, including buffer overflows leading to remote code execution, and cross-site scripting through malicious file handling. Common vulnerability classes include out-of-bounds reads, integer overflows, and unsafe string operations. The library's minimal design offers limited built-in protections, placing responsibility on developers to implement proper input validation. While no major public incidents have been widely documented, its seven CVEs indicate persistent security concerns, particularly when processing untrusted Excel files in server environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-12108 | libxls 数字错误漏洞 — libxls | 8.8 | - | 2018-04-24 |
| CVE-2017-12109 | libxls 数字错误漏洞 — libxls | 8.8 | - | 2018-04-24 |
| CVE-2017-12110 | libxls 数字错误漏洞 — libxls | 7.8 | - | 2017-11-20 |
| CVE-2017-12111 | libxls 安全漏洞 — libxls | 8.8 | - | 2017-11-20 |
| CVE-2017-2896 | libxls 安全漏洞 — libxls | 8.8 | - | 2017-11-20 |
| CVE-2017-2897 | libxls 安全漏洞 — libxls | 8.8 | - | 2017-11-20 |
| CVE-2017-2919 | libxls 缓冲区错误漏洞 — libxls | 7.8 | - | 2017-11-20 |
This page lists every published CVE security advisory associated with libxls. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.