CVE-2020-7746

Source
https://cve.org/CVERecord?id=CVE-2020-7746
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7746.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-7746
Aliases
Downstream
Related
  • SNYK-JAVA-ORGWEBJARSBOWER-1019375
  • SNYK-JAVA-ORGWEBJARSBOWERGITHUBCHARTJS-1019376
  • SNYK-JAVA-ORGWEBJARSNPM-1019374
  • SNYK-JS-CHARTJS-1018716
Published
2020-10-29T08:15:12.007Z
Modified
2026-04-10T04:28:13.397086Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the default options) are deeply merged with the provided options. However, during this operation, the keys of the object being set are not checked, leading to prototype pollution.
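
The merge pattern described above, next to a version that checks keys, as an added example (not chart.js code and not the project's actual fix). The function names and the sample options are constructed for illustration.

```javascript
// Added example, not chart.js source; all names here are hypothetical.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const isObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Deep merge that never checks the key being set (the pattern in the advisory).
function unsafeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (isObject(source[key]) && isObject(target[key])) {
      // For key "__proto__", target[key] resolves to Object.prototype itself.
      unsafeMerge(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Same merge, but keys that reach a prototype are skipped and nested
// objects are only merged into properties the target actually owns.
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (isObject(value)) {
      const own = Object.prototype.hasOwnProperty.call(target, key);
      if (!own || !isObject(target[key])) target[key] = {};
      safeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Runs one merge over constructed options and reports whether an unrelated
// object picked up the injected property.
function demo(merge) {
  // Constructed input: JSON.parse makes "__proto__" an own, enumerable key.
  const provided = JSON.parse(
    '{"scales": {"x": {"display": false}}, "__proto__": {"polluted": true}}');
  const defaults = { scales: { x: { display: true, type: 'linear' } } };
  const merged = merge(defaults, provided);
  const leaked = ({}).polluted === true;
  delete Object.prototype.polluted; // restore the global state after the check
  return { merged, leaked };
}
```

`demo(unsafeMerge).leaked` is `true` and `demo(safeMerge).leaked` is `false`, while both produce the same merged `scales` options.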

References

Affected packages

Git / github.com/chartjs/chart.js

Affected ranges

Type
GIT
Repo
https://github.com/chartjs/chart.js
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.9.4"
        }
    ]
}

Affected versions

2.*
2.1.0
v0.*
v0.2.0
v1.*
v1.0.0-beta
v1.0.1
v1.0.1-beta
v1.0.1-beta.2
v1.0.1-beta.3
v1.0.1-beta.4
v1.0.2
v1.1.0
v1.1.1
v2.*
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.2.0
v2.2.0-rc.1
v2.2.0-rc.2
v2.2.1
v2.2.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7746.json"