Filtered by vendor Deno
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41641 | 1 Deno | 1 Deno | 2022-06-21 | 3.6 LOW | 8.4 HIGH |
| Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory. | |||||
| CVE-2021-42139 | 1 Deno | 1 Deno Standard Modules | 2021-11-04 | 6.8 MEDIUM | 9.8 CRITICAL |
| Deno Standard Modules before 0.107.0 allows Code Injection via an untrusted YAML file in certain configurations. | |||||
| CVE-2021-32619 | 1 Deno | 1 Deno | 2021-06-08 | 7.5 HIGH | 9.8 CRITICAL |
| Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2. | |||||