Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2025/05/23 4:52 a.m.11 views

CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

9.8CVSS6.8AI score0.00936EPSS
Exploits0References1
ibm
ibm
added 2024/11/05 11:58 a.m.18 views

Security Bulletin: There is a vulnerability in plotly.js used by IBM Maximo Asset Management application (CVE-2023-46308)

Summary There is a vulnerability in plotly.js used by IBM Maximo Asset Management application CVE-2023-46308 Vulnerability Details CVEID:CVE-2023-46308 DESCRIPTION: Plotly plotly.js could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the...

9.8CVSS7.9AI score0.00936EPSS
Exploits0Affected Software1
ibm
ibm
added 2024/03/13 2:34 p.m.37 views

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to execute arbitrary code on the system CVE-2023-46308

Summary plotly.js is used by the IBM Datapower Operations Dashboard in their web console. Vulnerability Details CVEID:CVE-2023-46308 DESCRIPTION: Plotly plotly.js could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the plot API calls. By...

9.8CVSS9.7AI score0.00936EPSS
Exploits0Affected Software1
susecve
susecve
added 2024/01/22 2:49 a.m.3 views

SUSE CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

9.8CVSS7AI score0.00936EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2024/01/03 6:30 a.m.6 views

@12-labours/mapintegratedvuer (>=1.0.0-beta.0 <=1.0.0-beta.14), @abi-software/mapintegratedvuer (>=0.1.0 <=0.6.7) +209 more potentially affected by CVE-2023-46308 via plotly.js (>=1.12.0 <=2.23.2)

plotly.js NPM version =1.12.0, =1.0.0-beta.0, =0.1.0, =0.2.23, =0.2.0, =0.1.27, =1.0.7, =0.9.1, =0.14.1, =1.2.16, =0.0.1, =1.0.0, =0.0.6, =1.0.0, =1.0.3 and more Source cves: CVE-2023-46308 Source advisory: OSV:GHSA-WJC4-73Q6-GV3M...

9.8CVSS7.1AI score0.00936EPSS
Exploits0
nvd
nvd
added 2024/01/03 5:15 a.m.21 views

CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

9.8CVSS9.5AI score0.00936EPSS
Exploits0References3
cve
cve
added 2024/01/03 12:0 a.m.121 views

CVE-2023-46308

CVE-2023-46308 affects the Plotly library plotly.js prior to 2.25.2. The issue is a prototype pollution flaw in the plot API calls (expandObjectPaths/nestedProperty) that could lead to remote code execution or denial of service. Public references indicate the fix is in plotly.js v2.25.2 and later...

9.8CVSS9.3AI score0.00936EPSS
Exploits0References3Affected Software1
vulnrichment
vulnrichment
added 2024/01/03 12:0 a.m.4 views

CVE-2023-46308

In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty...

9.5AI score0.00936EPSS
Exploits0References3
Rows per page
Query Builder