i18n-polyfill
i18n-polyfill copied to clipboard
Yarg dependancy from the polyfill uses yargs-parser which is vulnerable to privilege escalation and remote code execution (RCE) via prototype pollution.
Hi Team, We are using ngx-translate/i18n-polyfill library for our i18 support. We are getting an security vulnerability due to yargs-parser.
Yarg dependancy from the polyfill uses yargs-parser which is vulnerable to privilege escalation and remote code execution (RCE) via prototype pollution. https://nvd.nist.gov/vuln/detail/CVE-2020-7608
Can you please update the dependency and create a new version ?