i18next

npm2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting i18nextpage 1 of 1

CVE-2017-16008MEDIUMCVSS 6.1✓ Fixed in 1.10.3
2018-06-04
i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into …
CVE-2017-16010MEDIUMCVSS 6.1✓ Fixed in 3.4.4
2018-05-29
i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulner…

Check whether i18next is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for i18next CVEs against the assets you own.

Start Free Scan →