pkg:npm/vega

共 7 筆 CVEHIGH2MEDIUM3

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.7CVE-2020-26296XSS in Vega
    from 0, < 5.17.3
  • HIGH8.1CVE-2025-59840Vega Cross-Site Scripting (XSS) via expressions abusing toString calls in environments using the VEGA_DEBUG global variable
    from 0, < 6.2.0
  • MEDIUM6.1CVE-2025-26619Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpeter
    from 0, < 5.31.0
  • MEDIUM6.1CVE-2023-26486Vega Expression Language `scale` expression function Cross Site Scripting
    from 0, < 5.23.0
  • MEDIUM6.1CVE-2023-26487Vega has Cross-site Scripting vulnerability in `lassoAppend` function
    from 0, < 5.23.0
  • CVE-2025-27793Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]
    from 0, < 5.32.0
  • CVE-2025-25304Vega allows Cross-site Scripting via the vlSelectionTuples function
    from 0, < 5.26.0