CVE-2025-27597 | intlify vue-i18n up to 9.14.2/10.0.5/11.1.1 handleFlatJson prototype pollution (GHSA-p2ph-7g93-hw3m)

Inserito da Angelo Barbosa | Mar 7, 2025 | CVE

A vulnerability was found in intlify vue-i18n up to 9.14.2/10.0.5/11.1.1. It has been declared as critical. This vulnerability affects the function handleFlatJson. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).

This vulnerability was named CVE-2025-27597. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27597 | intlify vue-i18n up to 9.14.2/10.0.5/11.1.1 handleFlatJson prototype pollution (GHSA-p2ph-7g93-hw3m)

Post correlati

CVE-2024-26611 | Linux Kernel up to 6.6.14/6.7.2/6.8-rc1 on ZC xsk bpf_xdp_adjust_tail null pointer dereference (82ee4781b820/5cd781f7216f/c5114710c8ce)

CVE-2018-9403 | Google Android Kernel LP_MSG_HAL_DIAG_REPORT_DATA_NTF stack-based overflow

CVE-2024-36494 | Image Access Scan2Net Login Page cross site scripting

CVE-2024-48895 | Rakuten Mobile Rakuten Turbo 5G up to 1.3.18 os command injection