PT-2024-19365 · Unknown · Sheetjs Community Edition
Asadbek Karimov +1 · Published 2024-04-05 · Updated 2024-08-26 · CVE-2024-22363
CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
SheetJS Community Edition versions prior to 0.20.2
Description
SheetJS Community Edition is affected by a Regular Expression Denial of Service (ReDoS) issue. Based on the high number of weekly downloads, it is estimated that over 2,000,000 devices are potentially affected.
Recommendations
For versions prior to 0.20.2, update to version 0.20.2 or later to resolve the issue.
At the moment, there is no other information about additional mitigation measures.
Fix
DoS
Affected Products
Sheetjs Community Edition