Plotly.js
by Plotly
npm: plotly.js
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-1000006 | Med | 0.40 | 6.1 | 0.01 | Jul 17, 2017 | Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue. | ||
| CVE-2023-46308 | 0.00 | — | 0.01 | Jan 3, 2024 | In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty. |
- risk 0.40cvss 6.1epss 0.01
Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.
- CVE-2023-46308Jan 3, 2024risk 0.00cvss —epss 0.01
In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty.