Chart.js – Pen test results

  • Resolved MrCarlLister

    (@mrcarllister)


    1 year, 8 months ago

    Hi,

    A client of mine recently had a web application penetration test ran on their site and the following was flagged as a critical vulnerability;

    Chart.js version 2.7.1 is vulnerable to a Prototype Pollution vulnerability rated as critical on the NVD database.

    https://security.snyk.io/vuln/SNYK-JS-CHARTJS-1018716

    Is there any chance that the version of chart.js could be updated to negate this vulnerability?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author WP Media

    (@wp_media)

    Hi @mrcarllister

    Thanks for pointing this to us. Our developers are investigating this and we will proceed with necessary actions to make it safe to use.

    We will get back to you with further information about our findings and actions.

    Best Regards,
    Marko

    Thread Starter MrCarlLister

    (@mrcarllister)

    Thanks for getting back to me!

    Please let me know when you have an update ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Chart.js – Pen test results’ is closed to new replies.