billboard.js security vulnerability

billboard.js is a reusable and easy-to-use JavaScript chart library developed by NAVER based on D3.js. Versions of billboard.js prior to 3.18.0 contained a security vulnerability. This vulnerability stemmed from improper cleanup during the binding of chart options, which could allow for the...

@activfinancial/activ-workstation (>=0.3.0 <=0.4.35), @activfinancial/time-series-chart (>=0.3.40 <=0.3.51) +36 more potentially affected by CVE-2025-49223 via billboard.js (>=1.0.1 <=3.14.0)

billboard.js NPM version =1.0.1, =0.3.0, =0.3.40, =3.0.0, =0.0.55, =1.0.0, =1.0.0, =4.0.0, =1.0.0, =1.0.0, =0.0.1-alpha.1, =5.4.0, =1.5.0, =2.0.0 and more Source cves: CVE-2025-49223 Source advisory: OSV:GHSA-65P9-J6PG-72HJ...