I18n Project: Security Vulnerabilities
This affects the package i18n before 2.1.15. Vulnerability arises out of insufficient handling of erroneous language tags in src/i18n/Concrete/TextLocalizer.cs and src/i18n/LocalizedApplication.cs.
CVSS Score
7.5
EPSS Score
0.015
Published
2020-12-11
Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.
CVSS Score
7.5
EPSS Score
0.014
Published
2018-11-06
Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call.
CVSS Score
4.3
EPSS Score
0.004
Published
2013-12-07