IronXL - Security CVE
Please see information below regarding IronXL:
- All Iron Software products are DigiCert certified.
- IronXL does not use Microsoft.Office.Interop.
- No COM or COM+ interfaces are exposed in IronXL.dll.
- The library is written entirely in C#, which provides implicit protection from many common attack vectors.
- As few entry points as possible to the API are exposed.
- The library includes strong naming and sophisticated tamper protection.
- Every line of code goes through at least two levels of human review by senior engineers to check for security vulnerabilities.
- IronXL makes no known access to unmanaged code, unlike other Excel libraries that use Office Interop.
