sheetjs
/
sheetjs
25
Fork 25
Code Issues 177 Pull Requests 12 Wiki Activity

Security vulnerability #3106

New Issue
Closed
opened 2024-04-09 01:07:51 +00:00 by averroes · 2 comments
averroes commented 2024-04-09 01:07:51 +00:00
Copy Link

I got notification that there’s a security vulnerability in the xlsx npm package. Just wondering when that will be fixed?

I got notification that there’s a security vulnerability in the xlsx npm package. Just wondering when that will be fixed?
paustint commented 2024-04-09 03:14:35 +00:00
Copy Link

likely already fixed in latest version according to dependabot - a0bed2a97d (diff-864f44dd40e9fe72f7034315e528c8079b59cf98)

likely already fixed in latest version according to dependabot - https://git.sheetjs.com/sheetjs/sheetjs/commit/a0bed2a97dcb1e3b76049be91abf3747f333c975#diff-864f44dd40e9fe72f7034315e528c8079b59cf98
sheetjs commented 2024-04-09 03:52:56 +00:00
Owner
Copy Link

It is fixed in 0.20.2. https://docs.sheetjs.com/docs/getting-started/installation/ follow the relevant instructions for your deployment.

There were issues in the past with false flagging from Snyk. They recommend suppressing the specific warning

It is fixed in 0.20.2. https://docs.sheetjs.com/docs/getting-started/installation/ follow the relevant instructions for your deployment. There were issues in the past with false flagging from Snyk. They recommend [suppressing the specific warning](https://snyk.io/blog/ignoring-vulnerabilities-with-snyk/)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
sankhavaramsaitulasiram/feat-fix-2752
maybeswapnil/issue2737
gh-pages
scottysseus/2560_2
ivan-trusov/fix-basedate
nandanv2702/issue_1300
protobi/master
ThomasChan/master
grantfayvor/master
tom-groves/bug-1105/rounding-error
mgreter/master
v0.20.2
v0.20.1
v0.20.0
v0.19.3
v0.19.2
v0.19.1
v0.19.0
v0.18.12
v0.18.11
v0.18.10
v0.18.9
v0.18.8
v0.18.7
v0.18.5
v0.18.4
v0.18.3
v0.18.2
v0.18.1
v0.18.0
v0.17.5
v0.17.4
v0.17.3
v0.17.2
v0.17.1
v0.17.0
v0.16.8
v0.16.7
v0.16.6
v0.16.5
v0.16.3
v0.16.2
v0.16.1
v0.16.0
v0.15.6
v0.15.5
v0.15.2
v0.14.0
v0.13.5
v0.13.4
v0.13.3
v0.13.1
v0.13.0
v0.12.13
v0.12.12
v0.12.11
v0.12.10
v0.12.9
v0.12.8
v0.12.7
v0.12.6
v0.12.5
v0.12.4
v0.12.3
v0.12.2
v0.12.1
v0.12.0
v0.11.19
v0.11.18
v0.11.17
v0.11.16
v0.11.15
v0.11.14
v0.11.13
v0.11.12
v0.11.11
v0.11.10
v0.11.9
v0.11.8
v0.11.7
v0.11.6
v0.11.5
v0.11.4
v0.11.3
v0.11.2
v0.11.1
v0.11.0
v0.10.9
v0.10.8
v0.10.7
v0.10.6
v0.10.5
v0.10.4
v0.10.3
v0.10.2
v0.10.1
v0.10.0
v0.9.13
v0.9.12
v0.9.11
v0.9.10
v0.9.9
v0.9.8
v0.9.7
v0.9.6
v0.9.5
v0.9.4
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.8
v0.8.7
v0.8.6
v0.8.5
v0.8.4
v0.8.3
v0.8.2
v0.8.1
v0.8.0
v0.7.11
v0.7.10
v0.7.9
v0.7.7
v0.7.6-i
v0.7.6-h
v0.7.6-a
v0.7.6
v0.7.5
v0.7.4
v0.7.3
v0.7.2
v0.7.1
v0.5.10
v0.5.9
v0.5.8
v0.5.7
v0.5.0
v0.4.3
Labels
Clear labels   
DBF

   
Dates

   
Defined Names

   
Features

   
Formula

   
HTML

   
Images

   
Infrastructure

   
Integration

   
International

   
ODS

   
Operations

   
Performance

   
PivotTables

   
Pro

   
Protection

   
Read Bug

   
SSF

   
SYLK

   
Style

   
Write Bug

   
good first issue
No Label
DBF
Dates
Defined Names
Features
Formula
HTML
Images
Infrastructure
Integration
International
ODS
Operations
Performance
PivotTables
Pro
Protection
Read Bug
SSF
SYLK
Style
Write Bug
good first issue
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: sheetjs/sheetjs#3106
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?