VYPR

npm package

vitest

pkg:npm/vitest

Vulnerabilities (1)

  • CVE-2025-24964Feb 4, 2025
    affected >= 1.0.0, < 1.6.1fixed 1.6.1

    Vitest is a testing framework powered by Vite. Affected versions are subject to arbitrary remote Code Execution when accessing a malicious website while Vitest API server is listening by Cross-site WebSocket hijacking (CSWSH) attacks. When `api` option is enabled (Vitest UI enabl