CVE-2022-23640
CVE-2022-23640 affects Excel-Streaming-Reader (xlsx-streamer) prior to version 2.1.0, where the XML parser did not apply necessary settings to prevent XML Entity Expansion (XML Bombs). The issue enables potential impact on confidentiality, integrity, and availability (high severity in CVSS 3.1), ...