Chartkick Js
1 CVEs
product
Monthly
Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Chartkick Js
NVD
GitHub
CVSS 3.1
7.3
EPSS
1.4%
CVE-2019-18841
LIB
EPSS 1%
CVSS 7.3
HIGH
PATCH
This Week
Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Information Disclosure
Chartkick Js
NVD
GitHub