Vulnerability	Vulnerable Version
H Prototype Pollution vue-i18n is an Internationalization plugin for Vue.js Affected versions of this package are vulnerable to Prototype Pollution through the `handleFlatJson` function due to improper input validation. An attacker can introduce or modify properties within the global prototype chain, potentially causing denial of service or escalating to execute arbitrary commands within the application's context if the polluted property interacts with sensitive Node.js APIs like `exec` or `eval`. How to fix Prototype Pollution? Upgrade `vue-i18n` to version 9.14.3, 10.0.6, 11.1.2 or higher.	>=9.1.0 <9.14.3>=10.0.0-alpha.1 <10.0.6>=11.0.0-beta.0 <11.1.2

Prototype Pollution

vue-i18n is an Internationalization plugin for Vue.js

Affected versions of this package are vulnerable to Prototype Pollution through the handleFlatJson function due to improper input validation. An attacker can introduce or modify properties within the global prototype chain, potentially causing denial of service or escalating to execute arbitrary commands within the application's context if the polluted property interacts with sensitive Node.js APIs like exec or eval.

How to fix Prototype Pollution?

Upgrade vue-i18n to version 9.14.3, 10.0.6, 11.1.2 or higher.

>=9.1.0 <9.14.3>=10.0.0-alpha.1 <10.0.6>=11.0.0-beta.0 <11.1.2

Go back to all versions of this package