Lucene search
K

252 matches found

NVD
NVD
added 2025/12/12 7:16 p.m.7 views

CVE-2025-8082

Improper neutralization of the title date in the 'VDatePicker' component in Vuetify, allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the 'title-date-format'...

6.3CVSS0.0017EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/12 6:33 p.m.6 views

CVE-2025-8082 Vuetify XSS via unsanitized 'titleDateFormat' in 'VDatePicker'

Improper neutralization of the title date in the 'VDatePicker' component in Vuetify, allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the 'title-date-format'...

6.3CVSS5.3AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/12 6:33 p.m.30 views

CVE-2025-8082 Vuetify XSS via unsanitized 'titleDateFormat' in 'VDatePicker'

Improper neutralization of the title date in the 'VDatePicker' component in Vuetify, allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting XSS https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the 'title-date-format'...

6.3CVSS0.0017EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 6:33 p.m.19 views

CVE-2025-8082

Vuetify CVE-2025-8082 affects the VDatePicker component where the title-date-format property can output user-generated content which is assigned to innerHTML without sanitization, enabling Cross-Site Scripting. Affected versions are Vuetify 2.0.0 and above up to, but not including, 3.0.0. The iss...

6.3CVSS5.3AI score0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.3 views

PT-2025-50969

Name of the Vulnerable Software and Affected Versions Vuetify versions 2.2.0-beta.2 through 3.0.0-alpha.10 Description The Preset configuration feature of Vuetify is susceptible to Prototype Pollution due to the 'mergeDeep' utility function used for merging options with defaults. A malicious pres...

8.6CVSS6.8AI score0.00285EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.5 views

vuetify 安全漏洞

vuetify is a material component framework for Vue open-sourced by vuetify Germany. A security vulnerability exists in vuetify version 2.2.0-beta.2 through versions prior to 3.0.0-alpha.10, which stems from a prototype contamination in the Preset configuration, which could result in contaminating...

8.6CVSS6.3AI score0.00285EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.2 views

PT-2025-50965

Name of the Vulnerable Software and Affected Versions Vuetify versions 2.0.0 through 2.9.9 Description A flaw exists in the 'VDatePicker' component of Vuetify that allows unsanitized HTML to be inserted into a webpage. This is due to the improper handling of the 'title-date-format' property, whic...

6.3CVSS5.5AI score0.0017EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.4 views

Vuetify 安全漏洞

vuetify is a material component framework for Vue open sourced by vuetify Germany. A security vulnerability exists in Vuetify version 2.0.0 up to versions prior to 3.0.0, which stems from cross-site scripting in the VDatePicker component that may result in the injection of uncleaned HTML...

6.3CVSS6.2AI score0.0017EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in await-jwt-vuetify-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd21812b96907664c208aee1e22aaf7d46e2eaf9437d6f4a0c8a6f0731f689fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178759

Malicious code in gatsby-interstellarmedium-vuetify-procyon npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177437

Malicious code in ophiuchus-vuetify-schema-ursa npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-175675

Malicious code in vuetify-thermochronology-csv-cryovolcano npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-176073

Malicious code in tailwindcss-bulma-vuetify-zenobia npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-177963

Malicious code in mantle-galaxy-vuetify-pm2 npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in gatsby-fornax-nuxtjs-vuetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17493a8c27f8742691d5fb50ff801a6a531114bb0524fe9605d6af16d32780de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-176744

Malicious code in registry-relay-electron-builder-vuetify npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-179259

Malicious code in dotenv-safe-norma-vuetify-paleomagnetism npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-175674

Malicious code in vuetify-xanadu-stratigraphy-sedimentology npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in hadron-vuetify-astrophysics-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a023aa918b6df89cf02b3fb9cbff1e261dbb97330b127160a907246a48e94bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-179456

Malicious code in css-minimizer-webpack-plugin-vuetify-ichnology-redshift npm...

6.6AI score
Exploits0
Rows per page
Query Builder