5 matches found
EUVD-2021-1466
Malware in sbrugna...
CVE-2021-32014
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service CPU consumption via a crafted .xlsx document that is mishandled when read by xlsx.js...
CVE-2023-30533
SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected...
CVE-2021-32012
CVE-2021-32012 affects SheetJS and SheetJS Pro up to version 0.16.9. A crafted .xlsx document read by xlsx.js can cause a denial of service via memory consumption (issue 1 of 2). Exploitation details are described in the connected documents; the attack targets the XSLX reader logic. Mitigation: u...
Denial of Service (DoS)
Overview xlsx is a Parser and writer for various spreadsheet formats. Affected versions of this package are vulnerable to Denial of Service DoS. An attacker who can send a malicious excel file parsed by this library can crash the Node.JS process. Note: xlsx package after version 0.18.5 is...