VYPR

npm package

@intlify/message-resolver

pkg:npm/%40intlify/message-resolver

Vulnerabilities (1)

  • CVE-2025-27597HigMar 7, 2025
    affected >= 9.1.0, < 9.1.11fixed 9.1.11

    Vue I18n is the internationalization plugin for Vue.js. @intlify/message-resolver and @intlify/vue-i18n-core are vulnerable to Prototype Pollution through the entry function: handleFlatJson. An attacker can supply a payload with Object.prototype setter to introduce or modify prop