Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package tsup, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2024-53384 — CVSS 5.1 (medium): A DOM Clobbering vulnerability in tsup v8.3.4 allows attackers to execute arbitrary code via a crafted script in the import.meta.url to…