CVE-2024-53384

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-53384
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53384.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-53384
Aliases
Published
2025-03-03T18:15:29.670Z
Modified
2026-04-10T05:18:51.395194Z
Severity
  • 5.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A DOM Clobbering vulnerability in tsup v8.3.4 allows attackers to execute arbitrary code via a crafted script in the import.meta.url to document.currentScript in cjs_shims.js components

References

Affected packages

Git / github.com/egoist/tsup

Affected ranges

Type
GIT
Repo
https://github.com/egoist/tsup
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
21b119374880e9d9109c5d8658429678a1de8f45
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.3.4"
        }
    ]
}

Affected versions

v1.*
v1.1.0
v1.2.0
v1.3.0
v1.3.1
v1.4.0
v1.4.1
v1.4.10
v1.4.11
v1.4.12
v1.4.13
v1.4.14
v1.4.15
v1.4.16
v1.4.17
v1.4.18
v1.4.19
v1.4.2
v1.4.20
v1.4.21
v1.4.22
v1.4.23
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.4.8
v1.4.9
v1.5.0
v1.5.1
v2.*
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.1.0
v3.*
v3.0.0
v3.1.0
v3.1.1
v3.1.2
v3.10.0
v3.10.1
v3.11.0
v3.12.0
v3.12.1
v3.2.0
v3.3.0
v3.4.0
v3.4.1
v3.4.2
v3.4.3
v3.5.0
v3.6.0
v3.6.1
v3.7.0
v3.7.1
v3.8.0
v3.9.0
v4.*
v4.0.0
v4.0.1
v4.1.0
v4.10.0
v4.10.1
v4.11.0
v4.11.1
v4.11.2
v4.12.0
v4.12.1
v4.12.2
v4.12.3
v4.12.4
v4.12.5
v4.13.0
v4.13.1
v4.14.0
v4.2.0
v4.3.0
v4.3.1
v4.4.0
v4.5.0
v4.5.1
v4.6.0
v4.6.1
v4.7.0
v4.7.1
v4.7.2
v4.8.0
v4.8.1
v4.8.10
v4.8.11
v4.8.12
v4.8.13
v4.8.14
v4.8.15
v4.8.16
v4.8.17
v4.8.18
v4.8.19
v4.8.2
v4.8.20
v4.8.21
v4.8.3
v4.8.4
v4.8.5
v4.8.6
v4.8.7
v4.8.8
v4.8.9
v4.9.0
v4.9.1
v4.9.2
v5.*
v5.0.0
v5.1.0
v5.10.0
v5.10.1
v5.10.2
v5.10.3
v5.11.0
v5.11.1
v5.11.10
v5.11.11
v5.11.12
v5.11.13
v5.11.2
v5.11.3
v5.11.4
v5.11.5
v5.11.6
v5.11.7
v5.11.8
v5.11.9
v5.12.0
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.12.6
v5.12.7
v5.12.8
v5.12.9
v5.2.0
v5.2.1
v5.3.0
v5.4.0
v5.4.1
v5.4.2
v5.4.3
v5.4.4
v5.5.0
v5.6.0
v5.6.1
v5.6.2
v5.6.3
v5.7.0
v5.7.1
v5.7.2
v5.7.3
v5.7.4
v5.8.0
v5.8.1
v5.9.0
v5.9.1
v5.9.2
v6.*
v6.0.0
v6.0.1
v6.1.0
v6.1.1
v6.1.2
v6.1.3
v6.2.0
v6.2.1
v6.2.2
v6.2.3
v6.3.0
v6.4.0
v6.5.0
v6.6.0
v6.6.1
v6.6.2
v6.6.3
v6.7.0
v7.*
v7.0.0
v7.1.0
v7.2.0
v7.3.0
v8.*
v8.0.0
v8.0.1
v8.0.2
v8.1.0
v8.1.1
v8.1.2
v8.2.0
v8.2.1
v8.2.2
v8.2.3
v8.2.4
v8.3.0
v8.3.1
v8.3.2
v8.3.3
v8.3.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53384.json"