Aggregates CVE and security vulnerability intelligence across all i18n_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk input validation and related problems; some flaws may lead to vendor impact unexpected behavior and vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-7791 | This affects the package i18n before 2.1.15. Vulnerability arises out of insufficient handling of erroneous language tags in src/i18n/Concrete/TextLocalizer.cs and src/i18n/LocalizedApplication.cs. | [email protected] | 7.5 | 1.48% | 2020-12-11 | 2024-11-21 |
| CVE-2014-10077 | Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash. | [email protected] | 7.5 | 1.31% | 2018-11-06 | 2024-11-21 |
| CVE-2013-4492 | Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call. | [email protected] | 4.3 | 0.38% | 2013-12-07 | 2026-04-29 |