CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

Prototype Pollution

chartist is vulnerable to Prototype Pollution. The vulnerability is due to lack of validation in the extend function to prevent arguments from modifying the object prototype in Chartist, allows an attacker to inject malicious object properties using the proto property, which recursively affects a...

CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

CVE-2024-45435

CVE-2024-45435 affects Chartist 1.x–1.3.0, due to a lack of validation in the extend function that enables prototype pollution. This can allow an attacker to modify the Object prototype via proto , impacting all objects in the application (reported CVSS v3.1 base score 9.8, critical, with network...

CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

CVE-2024-45435

Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function...

Chartist 安全漏洞

Chartist is a Chartist open source library of simple responsive charts built using SVG. A security vulnerability exists in Chartist versions 1.x through 1.3.0 that stems from allowing prototype contamination via extensions...

PT-2024-31628 · Chartist · Chartist

Name of the Vulnerable Software and Affected Versions: Chartist versions 1.x through 1.3.0 Description: The issue allows Prototype Pollution via the extend function. This can potentially lead to security risks, as it may enable attackers to manipulate the prototype chain of objects, affecting the...