Vulnerability for dependency xlsx (upgrade sheetjs dependency to address Prototype Pollution vulnerability (CVE-2023-30533))

Description:
The current version of the sheetjs dependency used in this package is vulnerable to a Prototype Pollution attack (CVE-2023-30533). This vulnerability can be exploited to potentially compromise the application's security.

Details:

Vulnerable dependency: sheetjs (version < 0.19.3)
Vulnerability details: https://git.sheetjs.com/sheetjs/sheetjs/src/branch/master/CHANGELOG.md#v0193 (Fixed "Prototype Pollution" vulnerability (CVE-2023-30533))
Updated package source: https://git.sheetjs.com/SheetJS/sheetjs# (This repository contains the fixed version 0.19.3) [docs: https://docs.sheetjs.com/docs/getting-started/installation/frameworks#legacy-endpoints ]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions