vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v) 3

Description

XSS

Recommendation

Update the @intlify/core package to the latest compatible version. Followings are version details:

• Affected version(s): **>= 10.0.0, < 10.0.5

  >= 9.3.0, < 9.14.2**

• Patched version(s): **10.0.5

  9.14.2**

References

• GHSA-9r9m-ffp6-9x4v
• CVE-2024-52809
• CWE-79
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v) 2 - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v) 4 - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution (GHSA-9r9m-ffp6-9x4v) - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution - CVE-2024-52809

Tags:

npm

@intlify/core