Fix for CVE-2023-30533 #1

vgauravk · 2025-08-18T09:26:16Z

vgauravk commented

2025-08-18 09:26:16 +00:00

This PR backports the security fix for CVE-2023-30533 (Prototype Pollution in SheetJS CE).

Vulnerability affects versions ≤ 0.19.2
Official fix was released in v0.19.3
This change applies the same patch to our v0.18.5 branch to address the issue

This PR backports the security fix for CVE-2023-30533 (Prototype Pollution in SheetJS CE). - Vulnerability affects versions ≤ 0.19.2 - Official fix was released in v0.19.3 - This change applies the same patch to our v0.18.5 branch to address the issue

vgauravk added 1 commit 2025-08-18 09:26:17 +00:00

Fix for CVE-2023-30533 f5146d04f8

vgauravk changed target branch from master to v0185

2025-08-18 09:27:27 +00:00

vgauravk added 1 commit 2025-08-18 17:16:20 +00:00

Added unit test 2a9a6f2390

vgauravk added 1 commit 2025-08-20 04:10:51 +00:00

Updated the code to add : ae952cd69d

This pull request can be merged automatically.

You are not authorized to merge this pull request.

View command line instructions.

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin Fix-v0185:Fix-v0185

git checkout Fix-v0185

Merge

Merge the changes and update on Gitea.

git checkout v0185

git merge --no-ff Fix-v0185

git checkout v0185

git merge --ff-only Fix-v0185

git checkout Fix-v0185

git rebase v0185

git checkout v0185

git merge --no-ff Fix-v0185

git checkout v0185

git merge --squash Fix-v0185

git checkout v0185

git merge --ff-only Fix-v0185

git checkout v0185

git merge Fix-v0185

git push origin v0185

Sign in to join this conversation.

No reviewers

No Label

No Milestone

No Assignees

1 Participants

Notifications

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Reference: vgauravk/sheetjs#1