ankane/chartkick

Releases86

Frequency1 month 3 weeks

Last Release 8 months ago

Stars6.53K

Create beautiful JavaScript charts with one line of Ruby

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-16254 ↗	Aug 5, 2020Wednesday, 5 August 2020, 20:15	6.1 MEDIUM	4.3 MEDIUM
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).
CVE-2019-18841 ↗	Nov 11, 2019Monday, 11 November 2019, 01:15	7.3 HIGH	7.5 HIGH
Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before 3.3.0 for Ruby, allows prototype pollution.
CVE-2019-12732 ↗	Jun 6, 2019Thursday, 6 June 2019, 15:29	—	2.6 LOW
The Chartkick gem through 3.1.0 for Ruby allows XSS.