Vulnerabilities (CVE)

Filtered by vendor Chartkick Project Subscribe
Filtered by product Chartkick
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16254 1 Chartkick Project 1 Chartkick 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).
CVE-2019-12732 1 Chartkick Project 1 Chartkick 2024-11-21 2.6 LOW 4.7 MEDIUM
The Chartkick gem through 3.1.0 for Ruby allows XSS.