vue-i18n has cross-site scripting vulnerability with prototype pollution
- Severity:
- Medium
Description
XSS
Recommendation
Update the petite-vue-i18n package to the latest compatible version. Followings are version details:
- Affected version(s): >= 10.0.0, < 10.0.5
- Patched version(s): 10.0.5
References
Related Issues
- x402 SDK vulnerable in outdated versions in resource servers for builders - Vulnerability
- tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript - CVE-2025-48939
- Vue I18n Allows Prototype Pollution in `handleFlatJson` - CVE-2025-27597
- Potential DoS when using ContextLines integration (GHSA-r5w7-f542-q2j4) 9 - Vulnerability
- Tags:
- npm
- petite-vue-i18n
Anything's wrong? Let us know Last updated on December 02, 2024