Xlsx
This hub aggregates every CVE we track for Xlsx, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Xlsx.
- CVE-2024-22363SheetJS Community Edition before 0.20.2 is vulnerable.to Regular Expression Denial of Service (ReDoS).7.5
- CVE-2023-30533SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file. In other words. 0.19.2 and earlier are affected, whereas 0.19.3 and later are unaffected.7.8
- CVE-2021-32014SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.5.5
- CVE-2021-32013SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of 2).5.5
- CVE-2021-32012SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of 2).5.5
Product normalization is registry-driven with AI assist and human review. How it works