0 critical · 1 high · 1 medium · 0 low · 2 total (deduped by advisory)
NPM package @datagrok/charts@1.7.0 — production dependency tree audited with npm audit.
| Advisory | Severity | Dependency | Installed | Vulnerable range | Fixed by | CVSS | Description |
|---|---|---|---|---|---|---|---|
| GHSA-36jr-mh4h-2g58 | HIGH | d3-color | 1.0.3 | <3.1.0 | — | d3-color vulnerable to ReDoS | |
| GHSA-fgmj-fm8m-jvvx | MEDIUM | echarts | 5.6.0 | <6.1.0 | echarts@6.1.0 | 6.1 | Apache ECharts has a cross-site scripting (XSS) vulnerability |