CVE-2020-27819

Name of the Vulnerable Software and Affected Versions: libxls versions prior to 1.6.2

Description: An issue exists when reading Microsoft Excel files, specifically a NULL pointer dereference vulnerability when parsing XLS cells in libxls/xls2csv.c:199. This could allow a remote attacker to cause a denial of service via a crafted XLS file.

Recommendations: For versions prior to 1.6.2, update to version 1.6.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of libxls when parsing XLS files from untrusted sources until a patch is applied.