Nexus Intelligence Insights: xlsx aka SheetJS - Regular Expression Denial of Service (ReDoS) and sonatype-2018-0622

By Ax Sharma on May 06, 2020 vulnerabilities

3 minute read time

The ReDoS vulnerability impacting the popular npm component SheetJS, also known as “xlsx,” was thought to be remedied through a fix, but no, not so fast.