xlsx has 2 known vulnerabilities on the latest version (0.18.5). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of xlsx?

The latest version of xlsx is 0.18.5, released 2022-03-24.

Does xlsx have known vulnerabilities?

Yes. xlsx has 2 known vulnerabilities. See depscope.dev/pkg/npm/xlsx for details.

No, xlsx is actively maintained. Latest release: 0.18.5 (2022-03-24).

What are alternatives to xlsx?

Popular alternatives to xlsx in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does xlsx use?

xlsx is licensed under Apache-2.0.

xlsx

npmv0.18.5

SheetJS Spreadsheet data parser and writer

License Apache-2.0permissive108 versions1 maintainers7 deps11,174,070 weekly dl

SheetJS/sheetjs

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Moderate health score (60/100) — verify manually
2 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

20/20

popularity

15/25

security

15/15

maturity

10/15

community

0/15

popularity_floor

Vulnerabilities

2 high

Advisories (2)

Severity	ID	Summary	Fixed in
high	CVE-2023-30533	Prototype Pollution in sheetJS	—
high	CVE-2024-22363	SheetJS Regular Expression Denial of Service (ReDoS)	—

Bundle & TypeScript

📦

Bundle Size

402.3 KBminified

136.4 KB gzipped

7 direct dependencies

ESM

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

Dependencies (7)

cfb ssf wmf word crc-32 adler-32 codepage

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/xlsx