VDB
CVE-2020-26296
CVE-2020-26296
PUBLISHED
CVSS 8.699999809265137 HIGH
XSS in Vega
EPSS 0.41% · 61.5th percentile
Risk Scores
CVSS 3.1
8.699999809265137
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS Score
0.41%
61.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | vega | 0 |
| vega | vega | < 5.17.3 |
| vega_project | vega | 0 |
Timeline
- Dec 30, 2020 CVE Published
- Jan 6, 2021 CVE Updated
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
References
- https://github.com/vega/vega/security/advisories/GHSA-r2qc-w64x-6j54 url
- https://github.com/vega/vega/issues/3018 url
- https://github.com/vega/vega/pull/3019 url
- https://github.com/vega/vega/releases/tag/v5.17.3 url
- https://www.npmjs.com/package/vega url
- https://nvd.nist.gov/vuln/detail/CVE-2020-26296 advisory