CVE-2024-45435

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 29, 2024
Updated: Sep 3, 2024
CWE ID 1321

Summary

CVE-2024-45435 is a vulnerability in Chartist versions 1.x through 1.3.0 that allows Prototype Pollution via its extend function. The flaw affects multiple products, including yTqfFR, yTqfFQ, and others, and carries a severity rating of 9.8 on the CVSS scale. The rated impact on integrity, confidentiality, and availability is high, and the exploitability score of 3.9 reflects relatively low attack complexity and no required user interaction. Remediation is to update to a patched version of Chartist that addresses this vulnerability. Organizations using affected products should prioritize mitigation, because the flaw can be exploited over the network.
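The class of bug named above (CWE-1321 in a recursive extend/merge helper), shown beside a hardened form. This is an added example, not Chartist's source code: naiveExtend, safeExtend, demo and the sample options JSON are constructed for illustration.

```javascript
'use strict';
// Hypothetical helpers illustrating CWE-1321; not Chartist's implementation.
const isObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

// Vulnerable pattern: every source key is followed, including "__proto__",
// so the recursion ends up writing into Object.prototype.
function naiveExtend(target, ...sources) {
  for (const source of sources) {
    for (const key in source) {
      if (isObject(source[key])) {
        target[key] = naiveExtend(isObject(target[key]) ? target[key] : {}, source[key]);
      } else {
        target[key] = source[key];
      }
    }
  }
  return target;
}

// Hardened pattern: own keys only, prototype-reaching keys skipped, and
// recursion only into objects the target itself owns.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
function safeExtend(target, ...sources) {
  for (const source of sources) {
    if (!isObject(source)) continue;
    for (const key of Object.keys(source)) {
      if (BLOCKED_KEYS.has(key)) continue;
      const value = source[key];
      if (isObject(value)) {
        const owned = Object.prototype.hasOwnProperty.call(target, key) && isObject(target[key]);
        target[key] = safeExtend(owned ? target[key] : {}, value);
      } else {
        target[key] = value;
      }
    }
  }
  return target;
}

// Merges constructed, untrusted chart options and reports whether a fresh
// object inherited the injected property. Cleans up Object.prototype afterwards.
function demo(extendFn) {
  const untrusted = JSON.parse('{"axisX": {"showGrid": false}, "__proto__": {"polluted": true}}');
  const options = extendFn({}, { axisX: { showGrid: true, offset: 30 } }, untrusted);
  const leaked = ({}).polluted === true;
  delete Object.prototype.polluted;
  return { options, leaked };
}
```

Until the patched Chartist version is deployed, options built from untrusted JSON can be passed through a filter like safeExtend before they reach the library.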
