VYPR

Highcharts

by Highcharts

npm: highcharts

Source repositories

CVEs (2)

  • CVE-2021-29489HigMay 5, 2021
    risk 0.49cvss 7.6epss 0.01

    Highcharts JS is a JavaScript charting library based on SVG. In Highcharts versions 8 and earlier, the chart options structure was not systematically filtered for XSS vectors. The potential impact was that content from untrusted sources could execute code in the end user's…

  • CVE-2018-20801HigMar 14, 2019
    risk 0.42cvss 7.5epss 0.03

    In js/parts/SvgRenderer.js in Highcharts JS before 6.1.0, the use of backtracking regular expressions permitted an attacker to conduct a denial of service attack against the SVGRenderer component, aka ReDoS.