CVE-2023-30533: Prototype Pollution in sheetJS

April 24, 2023 (updated September 7, 2023)

SheetJS Community Edition before 0.19.3 allows Prototype Pollution via a crafted file.

References

cdn.sheetjs.com/advisories/CVE-2023-30533
git.sheetjs.com/sheetjs/sheetjs/src/branch/master/CHANGELOG.md
github.com/advisories/GHSA-4r6h-8v6p-xvw6
nvd.nist.gov/vuln/detail/CVE-2023-30533

Code Behaviors & Features

Detect and mitigate CVE-2023-30533 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →