Excel Serialization Module to Support PHPSpreadsheet ^2.0

Created on 30 August 2024, 4 months ago
Updated 20 September 2024, 3 months ago

Problem/Motivation

Support / require PHPSpreadsheet ^2.0

Current ^1.26 has security advisories:

  • CVE-2024-45048 (<2.2.1) - XXE in PHPSpreadsheet encoding is returned - https://github.com/advisories/GHSA-ghg6-32f9-2jp7
  • CVE-2024-45046 (<2.1.0) - PhpSpreadsheet HTML writer is vulnerable to Cross-Site Scripting via style - https://github.com/advisories/GHSA-wgmf-q9vr-vww6

Steps to reproduce

composer audit --locked

Proposed resolution

Support PHPSpreadsheet ^2.0

Feature request
Status

Fixed

Version

1.0

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024