CVE-2025-27597 | intlify vue-i18n up to 9.14.2/10.0.5/11.1.1 handleFlatJson prototype pollution (GHSA-p2ph-7g93-hw3m)

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability was found in intlify vue-i18n up to 9.14.2/10.0.5/11.1.1. It has been declared as critical. This vulnerability affects the function handleFlatJson. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability was named CVE-2025-27597. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27597 | intlify vue-i18n up to 9.14.2/10.0.5/11.1.1 handleFlatJson prototype pollution (GHSA-p2ph-7g93-hw3m)

Post correlati

CVE-2024-4305 | Post Grid Gutenberg Blocks and Blog Plugin up to 4.0.x on WordPress Block cross site scripting

CVE-2022-50180 | Linux Kernel up to 5.19.1 wifi il4965_rs_fill_link_cmd off-by-one

CVE-2024-2963 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting Consumer Key/Access Token cross site scripting

CVE-2024-3549 | Blog2Social Plugin up to 7.4.1 on WordPress sql injection