VYPR

npm package

vega-interpreter

pkg:npm/vega-interpreter

Vulnerabilities (1)

  • CVE-2025-59840HigNov 13, 2025
    affected >= 2.0.0, < 2.2.1fixed 2.2.1

    Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 6.2.0, applications meeting 2 conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpret