Lucene search

CVE-2020-7746

🗓️ 29 Oct 2020 08:12:15Reported by snykType

CVE-2020-7746 affects package chart.js before 2.9.4. Improperly sanitized options parameter leads to prototype pollution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 18
RedhatCVE	CVE-2020-7746	14 Jun 202216:29	–	redhatcve
Debian CVE	CVE-2020-7746	29 Oct 202008:15	–	debiancve
Node.js	Prototype pollution in chart.js	10 May 202118:51	–	nodejs
Cvelist	CVE-2020-7746 Prototype Pollution	29 Oct 202008:05	–	cvelist
OSV	Prototype pollution in chart.js	10 May 202118:47	–	osv
OSV	CVE-2020-7746	29 Oct 202008:15	–	osv
IBM Security Bulletins	Security Bulletin: Denial of Service Vulnerability in Chart.js affects IBM Spectrum Protect Plus (CVE-2020-7746)	4 Dec 202008:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to denial of service due to Chart.js (CVE-2020-7746)	1 Dec 202310:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.1	26 Mar 202502:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)	11 Apr 202215:17	–	ibm

Nvd

Node

chartjs chart.jsRange<2.9.4node.js

[
  {
    "product": "chart.js",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "2.9.4",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBCHARTJS-1019376
snyk	www.snyk.io/vuln/SNYK-JS-CHARTJS-1018716
github	www.github.com/chartjs/Chart.js/pull/7920
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1019375
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1019374

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Oct 2020 08:15Current

8.4High risk

Vulners AI Score8.4

CVSS25

CVSS37.5 - 9.8

EPSS0.00155

CWE-1321