Vendor
An unbounded row index allocation vulnerability (CWE-770) exists in the `checkSheet()` function of the `github.com/xuri/excelize/v2` library, allowing an unauthenticated attacker to craft a malicious XLSX file with a specially crafted row index value that triggers an out-of-memory error or runtime panic, leading to a denial-of-service condition in Go applications processing untrusted spreadsheets.