CVE-2024-45435

Name of the Vulnerable Software and Affected Versions: Chartist versions 1.x through 1.3.0

Description: The issue allows Prototype Pollution via the extend function. This can potentially lead to security risks, as it may enable attackers to manipulate the prototype chain of objects, affecting the application's behavior.

Recommendations: For Chartist versions 1.x through 1.3.0, consider disabling the extend function as a temporary workaround until a patch is available. Restrict access to the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.