VulnerableCode Package Details - pkg:nuget/i18n@1.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-p4mn-btwb-q7cm Aliases: CVE-2020-7791 GHSA-hfvc-g252-rp4g	Denial of Service in i18n This affects the package i18n before version 2.1.15. Vulnerability arises out of insufficient handling of erroneous language tags in src/i18n/Concrete/TextLocalizer.cs and src/i18n/LocalizedApplication.cs.	2.1.15 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-p4mn-btwb-q7cm
Aliases:
CVE-2020-7791
GHSA-hfvc-g252-rp4g

Denial of Service in i18n This affects the package i18n before version 2.1.15. Vulnerability arises out of insufficient handling of erroneous language tags in src/i18n/Concrete/TextLocalizer.cs and src/i18n/LocalizedApplication.cs.

2.1.15
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-65ha-wgr4-eqd4	Reflective XSS Vulnerability When a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.	CVE-2013-4492 GHSA-r5hc-9xx5-97rw
VCID-sns8-17hs-vugu	Improper Input Validation `Hash#slice` in `lib/i18n/core_ext/hash.rb` in the i18n gem for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where `:some_key` is present in `keep_keys` but not present in the hash.	CVE-2014-10077 GHSA-34hf-g744-jw64

Vulnerability

Summary

Aliases

VCID-65ha-wgr4-eqd4

Reflective XSS Vulnerability When a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.

CVE-2013-4492
GHSA-r5hc-9xx5-97rw

VCID-sns8-17hs-vugu

Improper Input Validation `Hash#slice` in `lib/i18n/core_ext/hash.rb` in the i18n gem for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where `:some_key` is present in `keep_keys` but not present in the hash.

CVE-2014-10077
GHSA-34hf-g744-jw64

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:15:04.036171+00:00	GitLab Importer	Affected by	VCID-p4mn-btwb-q7cm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2020-7791.yml	38.4.0
2026-04-11T22:27:12.122721+00:00	GitLab Importer	Affected by	VCID-p4mn-btwb-q7cm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2020-7791.yml	38.3.0
2026-04-02T22:38:53.882013+00:00	GitLab Importer	Affected by	VCID-p4mn-btwb-q7cm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2020-7791.yml	38.1.0
2026-04-01T16:56:18.335573+00:00	GitLab Importer	Affected by	VCID-p4mn-btwb-q7cm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2020-7791.yml	38.0.0
2026-04-01T12:48:07.829841+00:00	GitLab Importer	Fixing	VCID-sns8-17hs-vugu	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2014-10077.yml	38.0.0
2026-04-01T12:46:51.046704+00:00	GitLab Importer	Fixing	VCID-65ha-wgr4-eqd4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/i18n/CVE-2013-4492.yml	38.0.0