vuetify

npm3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting vuetifypage 1 of 1

CVE-2022-25873MEDIUMCVSS 4.6EG 4.6✓ Fixed in 2.6.10
2022-09-18
The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization in the 'eventName' function within the VCalendar component.
CVE-2025-8082MEDIUMCVSS 6.3EG 6.3✓ Fixed in 3.0.0
2025-12-12
Improper neutralization of the title date in the 'VDatePicker' component in Vuetify, allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting (XSS) https://owasp.org/www-community/attacks/xss attack…
CVE-2025-8083HIGHCVSS 8.6EG 8.6✓ Fixed in 3.0.0-alpha.10
2025-12-12
The Preset configuration https://v2.vuetifyjs.com/en/features/presets feature of Vuetify is vulnerable to Prototype Pollution https://cheatsheetseries.owasp.org/cheatsheets/Prototype_Pollution_Prevention_Cheat_Sheet.html due to the i…

Check whether vuetify is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for vuetify CVEs against the assets you own.

Start Free Scan →