Billboard.Js
Approved changes feed: RSS · Atom
cpe:2.3:a:naver:billboard.js:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Naver (2e3d4894-d5bf-53f1-9aff-80b030ad77c4) |
|---|---|
| Product | Billboard.Js (a94aebba-486d-5880-8e66-ed96e7299553) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/naver/billboard.js |
purl2cpe | 2026-06-01 10:16:14.689259 |
pkg:npm/billboard.js |
purl2cpe | 2026-06-01 10:16:14.689262 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-1513 |
vulnerable | 2026-06-03 15:14:44.559941 |
Details available
billboard.js before 3.18.0 allows an attacker to execute malicious JavaScript due to improper sanitization during chart option binding.
Published: 2026-01-28T01:28:23.567Z
Updated: 2026-01-29T15:22:06.409Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-1513 |
not_vulnerable | 2026-06-03 15:14:44.559775 |
Details available
billboard.js before 3.18.0 allows an attacker to execute malicious JavaScript due to improper sanitization during chart option binding.
Published: 2026-01-28T01:28:23.567Z
Updated: 2026-01-29T15:22:06.409Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49223 |
vulnerable | 2026-06-03 15:01:44.287750 |
Details available
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Published: 2025-06-04T02:00:15.719Z
Updated: 2025-06-04T13:33:44.239Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49223 |
not_vulnerable | 2026-06-03 15:01:44.287700 |
Details available
billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
Published: 2025-06-04T02:00:15.719Z
Updated: 2025-06-04T13:33:44.239Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.