Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

vega

npm

The Vega visualization grammar.

View on github.com · View on npmjs.org

Security Advisories for vega in npm

Moderate
7 months ago

Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace] GSA_kwCzR0hTQS05NjNoLTN2MzktM3BxZs4ABGAX

npm vega-functions, vega
Moderate
7 months ago

Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpeter GSA_kwCzR0hTQS1yY3czLXdteDctY3Bocs4ABF-7

npm vega-functions, vega
Moderate
9 months ago

Vega allows Cross-site Scripting via the vlSelectionTuples function GSA_kwCzR0hTQS1tcDd3LW1oY3YtNjczas4ABEfo

npm vega-selections, vega
Moderate
over 2 years ago

Vega vulnerable to arbitrary code execution when clicking href links GSA_kwCzR0hTQS1jcDQ3LXIyNTgtcTYyNs4AAx6k

npm vega
Moderate
over 2 years ago

Vega Expression Language `scale` expression function Cross Site Scripting GSA_kwCzR0hTQS00dnE3LTg4Mmctd2NnNM4AAx6g

npm vega, vega-functions
Moderate
over 2 years ago

Vega has Cross-site Scripting vulnerability in `lassoAppend` function GSA_kwCzR0hTQS13NW0zLXhoNzUtbXA1Nc4AAx6f

npm vega-functions, vega
Low
almost 5 years ago

XSS in Vega MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIycWMtdzY0eC02ajU0

npm vega

Filter by Severity

Moderate 6 Low 1