Skip to main content

Zrender

1 CVEs product

Monthly

CVE-2021-39227 npm CRITICAL PATCH Act Now

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution Apache Information Disclosure Zrender
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improperly Controlled Modification of Object Prototype Attributes (Prototype Pollution) vulnerability could allow attackers to modify object prototypes to inject properties affecting application logic.

Prototype Pollution Apache Information Disclosure +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy