3 matches found
CVE-2021-32014
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js...
CVE-2021-32014
SheetJS Pro up to version 0.16.9 is affected: reading a crafted .xlsx with xlsx.js can cause a denial of service via CPU consumption. The issue is documented across multiple sources (NVD, Red Hat, npm advisory, OSV) and is mitigated by upgrading to 0.17.0 or later. Affected product: SheetJS (and ...
1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2742 more potentially affected by CVE-2021-32014 via xlsx (>=0.10.3 <=0.16.9)
xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32014 Source advisory: SNYK:JS-XLSX-1311139...