@4kda/vuetify-cifrum-components (>=0.0.5 <=0.0.51), @4kda/vuetify-cifrum-demo-app (>=0.0.11 <=0.0.55) +1226 more potentially affected by CVE-2025-8082 via vuetify (>=2.0.0 <=3.0.0-beta.7)

vuetify NPM version =2.0.0, =0.0.5, =0.0.11, =0.0.13, =0.0.13, =0.0.13, =1.1.10, =1.0.8, =0.1.0, =0.0.1, =0.3.0, =2.0.5, =0.0.5, =0.1.0, =0.1.29 and more Source cves: CVE-2025-8082 Source advisory: OSV:GHSA-9W3X-85MW-4FWM...

@4kda/vuetify-cifrum-components (>=0.0.5 <=0.0.51), @4kda/vuetify-cifrum-demo-app (>=0.0.11 <=0.0.55) +1215 more potentially affected by CVE-2025-8083 via vuetify (>=2.2.0 <=2.7.2)

vuetify NPM version =2.2.0, =0.0.5, =0.0.11, =0.0.13, =0.0.13, =0.0.13, =1.1.10, =1.0.8, =0.1.0, =0.0.1, =0.3.0, =2.0.5, =0.0.5, =0.1.0, =0.1.29 and more Source cves: CVE-2025-8083 Source advisory: OSV:GHSA-3JP5-5F8R-Q2WG...

@4kda/vuetify-cifrum-components (>=0.0.5 <=0.0.51), @4kda/vuetify-cifrum-demo-app (>=0.0.11 <=0.0.55) +1226 more potentially affected by CVE-2025-8082 via vuetify (>=2.0.0 <=3.0.0-beta.7)

vuetify NPM version =2.0.0, =0.0.5, =0.0.11, =0.0.13, =0.0.13, =0.0.13, =1.1.10, =1.0.8, =0.1.0, =0.0.1, =0.3.0, =2.0.5, =0.0.5, =0.1.0, =0.1.29 and more Source cves: CVE-2025-8082 Source advisory: SNYK:JS-VUETIFY-14412705...

CVE-2025-8083 Vuetify Prototype Pollution via Preset options

The Preset configuration https://v2.vuetifyjs.com/en/features/presets feature of Vuetify is vulnerable to Prototype Pollution https://cheatsheetseries.owasp.org/cheatsheets/PrototypePollutionPreventionCheatSheet.html due to the internal 'mergeDeep' utility function used to merge options with...

CVE-2025-1461

Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component in Vuetify allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the...

CVE-2025-1461

CVE-2025-1461 affects Vuetify’s VCalendar eventMoreText prop. Affected: Vuetify &gt;=2.0.0 and

@appsocially/timepassport (>=0.1.2-0.1 <=0.1.29), @becompliancebr/shared-components (>=1.0.0 <=1.10.0) +74 more potentially affected by CVE-2022-25873 via vuetify (>=2.0.0 <=2.6.1)

vuetify NPM version =2.0.0, =0.1.2-0.1, =1.0.0, =1.2.5, =5.0.1-beta.0, =0.0.128, =0.0.101-beta.22, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.1.0, =0.1.1 - @een/cm-timeline-sdk =0.1.8 and more Source cves: CVE-2022-25873 Source advisory: OSV:GHSA-Q4Q5-C5CV-2P68...