Description
Vulnerability type: Prototype Pollution
Affected Package:
Product: @intlify/shared Version: 10.0.4
Vulnerability Location(s):
node_modules/@intlify/shared/dist/shared.cjs:232:26
Description:
The latest version of @intlify/shared (10.0.4) is vulnerable to Prototype Pollution through the entry function(s) lib.deepCopy.
Recommendation
Update the petite-vue-i18n package to the latest compatible version. Followings are version details:
- Affected version(s): >= 10.0.0, < 10.0.5
- Patched version(s): 10.0.5
References
Related Issues
- Command Injection in lodash (GHSA-35jh-r3h4-6jhm) - CVE-2021-23337
- Regular Expression Denial of Service in papaparse - CVE-2020-36649
- Bootstrap Cross-Site Scripting (XSS) vulnerability - CVE-2024-6531
- Vue I18n Allows Prototype Pollution in `handleFlatJson` - CVE-2025-27597
- Tags:
- npm
- petite-vue-i18n
Anything's wrong? Let us know Last updated on December 02, 2024