{"package":"xlsx","ecosystem":"npm","latest_version":"0.18.5","description":"SheetJS Spreadsheet data parser and writer","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://sheetjs.com/","repository":"git://github.com/SheetJS/sheetjs","downloads_weekly":null,"health":{"score":32,"risk":"critical","breakdown":{"maintenance":0,"popularity":0,"security":15,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":2,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2023-30533","severity":"high","summary":"Prototype Pollution in sheetJS","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2023-04-24T09:30:19Z","in_kev":false,"epss_prob":0.07698,"epss_percentile":0.91931,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-22363","severity":"high","summary":"SheetJS Regular Expression Denial of Service (ReDoS)","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2024-04-05T06:30:46Z","in_kev":false,"epss_prob":0.00135,"epss_percentile":0.32933,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.18.5","total_count":108,"recent":["0.16.2","0.16.3","0.16.4","0.16.5","0.16.6","0.16.7","0.16.8","0.16.9","0.17.0","0.17.1","0.17.2","0.17.3","0.17.4","0.17.5","0.18.0","0.18.1","0.18.2","0.18.3","0.18.4","0.18.5"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2013-12-06T19:57:24.042Z","last_published":"2022-03-24T14:23:09.623Z","dependencies_count":7,"dependencies":["cfb","ssf","wmf","word","crc-32","adler-32","codepage"]},"github_stats":null,"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["Low health score (32/100)","2 high severity vulnerabilities"],"use_version":"0.18.5","version_hint":null,"summary":"xlsx@0.18.5 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":736,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":4528,"last_release_days_ago":1498,"avg_days_between_releases":238,"release_velocity":"stale"}}