CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/01/09 10:17 a.m.•3 views

CVE-2019-18841

Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution...

7.5CVSS6.8AI score0.01391EPSS

Exploits0References1

Circl•added 2024/02/11 10:1 a.m.•5 views

CVE-2019-18841

creationtimestamp| type| source ---|---|--- 2024-02-11 10:01:57+00:00| seen| https://t.me/ctinow/182732...

7.5CVSS7.3AI score0.01391EPSS

Exploits0References1

NVD•added 2019/11/11 1:15 a.m.•9 views

CVE-2019-18841

Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution...

7.5CVSS7.1AI score0.01391EPSS

Exploits0References6

UbuntuCve•added 2019/11/11 1:15 a.m.•12 views

CVE-2019-18841

Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution...

7.5CVSS7.1AI score0.01391EPSS

Exploits0References6

CVE•added 2019/11/11 12:5 a.m.•193 views

CVE-2019-18841

Chartkick.js 3.1.0–3.1.3 (used in the Chartkick gem for Ruby prior to 3.3.0) is vulnerable to prototype pollution due to unsafe handling of chart options. The root cause is that crafted input containing a payload like {"proto ": {"polluted": true}} can modify Object prototypes. As a result, attac...

7.5CVSS7AI score0.01391EPSS

Exploits0References6Affected Software1