SheetJS Regular Expression Denial of Service (ReDoS)
SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS).
Advisories for Npm/Xlsx package
2024
2023
Prototype Pollution in sheetJS
SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file.
2021
Uncontrolled Resource Consumption
SheetJS and SheetJS Pro allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.
Uncontrolled Resource Consumption
SheetJS and SheetJS Pro allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.
Uncontrolled Resource Consumption
SheetJS and SheetJS Pro allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.