"CISA Warns of Actively Exploited Bugs in Chrome and Excel Parsing Library"

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog. The first is a recently patched flaw in Google Chrome, and the second bug affects Spreadsheet::ParseExcel, an open-source Perl library for reading information from Excel files. The agency has given federal agencies until January 23 to mitigate the two security flaws or to stop using the vulnerable products. The Remote Code Execution (RCE) flaw affects versions 0.65 and older of the Spreadsheet::ParseExcel library. This article continues to discuss the vulnerabilities recently added to CISA's KEV catalog.

Bleeping Computer reports "CISA Warns of Actively Exploited Bugs in Chrome and Excel Parsing Library"

Submitted by grigby1

Submitted by Gregory Rigby on