3 matches found
CVE-2021-32013
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service memory consumption via a crafted .xlsx document that is mishandled when read by xlsx.js issue 2 of 2...
1-click-bom (>=1.3.0 <=1.3.1), 25uikit (>=1.2.7 <=1.2.10) +2742 more potentially affected by CVE-2021-32013 via xlsx (>=0.10.3 <=0.16.9)
xlsx NPM version =0.10.3, =1.3.0, =1.2.7, =1.0.6, =0.0.1, =0.0.1, =0.0.3, =0.10.22, =0.0.2, =1.9.2, =1.0.1, =1.0.0, =1.0.1 - @aarongray.org/xlsx-workbook =0.0.1 - @abcum/ember-sheetjs =0.1.0 and more Source cves: CVE-2021-32013 Source advisory: OSV:GHSA-8VCR-VXM8-293M...
CVE-2021-32013
Affected software: SheetJS and SheetJS Pro up to version 0.16.9. Issue: memory consumption denial of service when reading a crafted .xlsx file via xlsx.js (issue 2 of 2). Impact: DoS due to parsing/memory handling. Remediation: upgrade to SheetJS/xlsx 0.17.0 or higher. Public references in connec...