[Snyk] Fix for 10 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • platform/i18n/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-ASYNC-2441827	Yes	Proof of Concept
	621/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6	Prototype Pollution SNYK-JS-FLAT-596927	Yes	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-I18NEXT-1065979	Yes	No Known Exploit
	459/1000 Why? Has a fix available, CVSS 4.9	Buffer Overflow SNYK-JS-I18NEXT-575536	Yes	No Known Exploit
	561/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.8	Prototype Pollution SNYK-JS-I18NEXT-585930	Yes	Proof of Concept
	686/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.3	Prototype Pollution SNYK-JS-INI-1048974	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-XLSX-1311137	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-XLSX-1311139	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JS-XLSX-1311141	Yes	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) SNYK-JS-XLSX-585898	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: i18next

The new version differs by 250 commits.

• aeab3ca 19.8.5
• f58c423 new version
• 932f5f6 fix potential prototype pollution when backend plugin resolves a malicious language value
• 2dc8267 Merge pull request feat: 🎸 Filter/promote multiple series instances OHIF/Viewers#1533 from pravi/update-rollup-plugin-babel
• dae2b32 chore: update build dependency (use @ rollup/plugin-babel)
• 4f9ef14 Merge pull request Query params to filter/promote multiple series instances OHIF/Viewers#1532 from pravi/update-node-resolve-plugin
• a90fb69 chore: update rollup and plugins
• ad88092 use fallbackLng as default lng
• ba564b3 19.8.4
• 1816290 prepare new release
• 1ed5a71 Updated FormatFunction signature to match codebase (onClick or doubleClick on Thumbnail not working on upload local OHIF/Viewers#1520)
• 2516e89 Update config.yml
• 94dd384 Update config.yml
• 877e250 commit build result
• fa98508 Merge pull request Magnify tool freezes on multiple viewports OHIF/Viewers#1518 from KristjanESPERANTO/patch-1
• 749519e Update URLs
• 03ef4ed 19.8.3
• ed6169f fix prototype pollution with constructor
• 5d808cd updated @ babel/runtime to ^7.12.0, runtime file extensions issue resolved (OHIF-35: Issues on StudyList Filter OHIF/Viewers#1513)
• cb780ad 19.8.2
• d736006 allow nesting recursively with context (could theoretically generate infinite loop, prevented in Accesing current image in series OHIF/Viewers#1480)
• 685aa0f 19.8.1
• b44f64c log optimizations for clone instances
• ba2613b 19.8.0

See the full diff

Package name: locize-cli

The new version differs by 138 commits.

• f17edb2 7.7.2
• 026cbbe update dependencies
• 7cce505 7.7.1
• c542283 new binary build (x64)
• 4a77d16 7.7.0
• c789ad8 request optimizations
• 7cec67c publish advice
• 79c8e5f 7.6.17
• daa5021 check skipEmpty flag when downloading translations
• a1529e0 update node-fetch
• 5ab0272 update gh-release dep
• 25a3003 7.6.16
• f7a80ab by default set also languageFolderPrefix to empty string when using programmatically
• 076c8e5 7.6.15
• e97acfc prepare release
• e964b60 some hints for save-missing command
• 129a77c update deps
• b82ac16 extend readme
• 0ebe0e9 stale bot
• 2eda957 7.6.14
• 14c3f11 update all dependencies
• 59db856 7.6.13
• 96212da try to download non-cached version of namespaces
• 5a550ae 7.6.12

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Prototype Pollution