Security Advisories - phpoffice/phpspreadsheet - Packagist

phpoffice/phpspreadsheet Security Advisories for 4.1.0 (1)

[HIGH] PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser

PKSA-64jn-3d9t-gncx CVE-2025-54370 GHSA-rx7m-68vc-ppxh

Affected version: <1.30.0|>=2.0.0,<2.1.0|>=2.1.0,<2.1.12|>=2.2.0,<2.3.0|>=2.3.0,<2.4.0|>=3.0.0,<3.10.0|>=4.0.0,<5.0.0

Reported by:
GitHub, FriendsOfPHP/security-advisories