CVE-2019-18841
N/A
N/A
Summary
Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://rubygems.org/gems/chartkick/
- https://github.com/ankane/chartkick/commits/master
- https://chartkick.com
- https://github.com/ankane/chartkick/blob/master/CHANGELOG.md
- https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
- https://github.com/ankane/chartkick.js/issues/117
References
- https://rubygems.org/gems/chartkick/
- https://github.com/ankane/chartkick/commits/master
- https://chartkick.com
- https://github.com/ankane/chartkick/blob/master/CHANGELOG.md
- https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
- https://github.com/ankane/chartkick.js/issues/117
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.