Comparison Overview

Charter Sports Ski & Snowboard Rentals - Highline Vail

VS

Griffon Inc.

Charter Sports Ski & Snowboard Rentals - Highline Vail

2211 N Frontage Rd W, Vail, Colorado, US, 81657
Last Update: 2025-11-26
View Profile
Between 750 and 799
www.chartersports.com

We offer the best online discounts for ski, snowboard, and mountain and path bike rentals in Vail, Beaver Creek, Avon, Copper, and Breckenridge with a focus on the guest rental experience. Locally owned and operated, Charter Sports has been conveniently located within internationally known hotel and lodging properties in Colorado’s top ski resorts since 1988. Demo-specific rental gear and packages for all ages and abilities. Rental equipment pick-up and drop-off available at any of our Charter Sports Locations. Save time and money with advanced reservations for ski and snowboard rentals in the Winter and bike rentals in the Summer. Terrific groups savings for 15 or more rental guests.

NAICS: None
NAICS Definition: Others
Employees: None
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Griffon Inc.

None, None, Montreal, None, CA, None
Last Update: 2025-11-22
Between 750 and 799
http://griffondvl.com

Griffon's product development division offers expertise in sourcing, design and development and tooling fabrication; where services can be turn key, from conceptualisation to final product testing, or can be compartmentalised to offer a modular service at any phase of the project. We have strategic alliances with several design firms in Montreal, Toronto and Taipei as well as with two engineering firms here in Montreal that provide all aspects of engineering design including CAD, Mould analysis software, FEA and PLM services. Our sourcing services involve finding the right partner to manufacture your product, whether domestic or overseas; finding the right supplier for your raw material needs if you assume the fabrication of your products or off-shoring a particular product or product line to lower costs and improve quality and margins. Finding the right partner is one thing, insuring consistent quality is another, and to do that strict control need to be in place as well as a presence at the factory. We have partnered with a firm in Kaohsiung with a 40 year proven track record and a full complementary staff of engineers that can travel at a moments notice anywhere in Asia to insure your quality inspection needs. Our areas of expertise are as follows: 1. Protective equipment, both body and head and face 2. Metal - extruding complex shapes as well as simple bars, CNC'ing, anodizing and all other types of finishing 3. Cut and sew, most fabrics 4. Stamping - all types 5. Moulding - Plastics - Metal injection - Optical quality - Food grade containers - Medical - Composites both thermosets and thermoplastics 6. Mould making - all types 7. Complete QC design and setup 8. Optics - design and fabrication 9. Composites assemblies 10. Printing - all types

NAICS: None
NAICS Definition: Others
Employees: 3
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/charter-sports-ski-snowboard-rentals-highline-vail.jpeg
Charter Sports Ski & Snowboard Rentals - Highline Vail
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/griffon-development-inc-.jpeg
Griffon Inc.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Charter Sports Ski & Snowboard Rentals - Highline Vail
100%
Compliance Rate
0/4 Standards Verified
Griffon Inc.
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Sporting Goods Industry Average (This Year)

No incidents recorded for Charter Sports Ski & Snowboard Rentals - Highline Vail in 2025.

Incidents vs Sporting Goods Industry Average (This Year)

No incidents recorded for Griffon Inc. in 2025.

Incident History — Charter Sports Ski & Snowboard Rentals - Highline Vail (X = Date, Y = Severity)

Charter Sports Ski & Snowboard Rentals - Highline Vail cyber incidents detection timeline including parent company and subsidiaries

Incident History — Griffon Inc. (X = Date, Y = Severity)

Griffon Inc. cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/charter-sports-ski-snowboard-rentals-highline-vail.jpeg
Charter Sports Ski & Snowboard Rentals - Highline Vail
Incidents

No Incident

https://images.rankiteo.com/companyimages/griffon-development-inc-.jpeg
Griffon Inc.
Incidents

No Incident

FAQ

Charter Sports Ski & Snowboard Rentals - Highline Vail company demonstrates a stronger AI Cybersecurity Score compared to Griffon Inc. company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Griffon Inc. company has disclosed a higher number of cyber incidents compared to Charter Sports Ski & Snowboard Rentals - Highline Vail company.

In the current year, Griffon Inc. company and Charter Sports Ski & Snowboard Rentals - Highline Vail company have not reported any cyber incidents.

Neither Griffon Inc. company nor Charter Sports Ski & Snowboard Rentals - Highline Vail company has reported experiencing a ransomware attack publicly.

Neither Griffon Inc. company nor Charter Sports Ski & Snowboard Rentals - Highline Vail company has reported experiencing a data breach publicly.

Neither Griffon Inc. company nor Charter Sports Ski & Snowboard Rentals - Highline Vail company has reported experiencing targeted cyberattacks publicly.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail company nor Griffon Inc. company has reported experiencing or disclosing vulnerabilities publicly.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail company nor Griffon Inc. company has publicly disclosed detailed information about the number of their subsidiaries.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds SOC 2 Type 1 certification.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds SOC 2 Type 2 certification.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds ISO 27001 certification.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds PCI DSS certification.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds HIPAA certification.

Neither Charter Sports Ski & Snowboard Rentals - Highline Vail nor Griffon Inc. holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Published
Date
2025-11-26
Updated
Date
2025-11-26
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Published
Date
2025-11-26
Updated
Date
2025-11-26
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.

Published
Date
2025-11-26
Updated
Date
2025-11-26
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Published
Date
2025-11-26
Updated
Date
2025-11-26
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Published
Date
2025-11-26
Updated
Date
2025-11-26
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References