CSP-compliant interpreter for Vega expressions.
[email protected] has vulnerabilities — update to latest
Update to >= 5.2.1 to fix known vulnerabilities
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| high | CVE-2025-59840 | Vega Cross-Site Scripting (XSS) via expressions abusing toString calls in environments using the VEGA_DEBUG global variable | 5.2.1 |
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/npm/vega-interpreterFirst published · 2020-06-02T09:52:17.309Z
Last updated · 2025-09-24T19:59:28.259Z