6 matches found
CVE-2024-27936
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request...
SUSE CVE-2024-27936
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request...
CVE-2024-27936 Deno interactive permission prompt spoofing via improper ANSI stripping
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request...
CVE-2024-27936
CVE-2024-27936 (Deno) affects Deno runtime prior to 1.41.0. Maliciously crafted permission requests could inject a broken ANSI escape sequence, causing the prompt to display spoofed content (e.g., file path or program name) while permissions granted reflect the original input. This is resolved in...
CVE-2024-27936 Deno interactive permission prompt spoofing via improper ANSI stripping
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request...
CVE-2024-27936
creationtimestamp| type| source ---|---|--- 2024-03-05 17:27:58+00:00| published-proof-of-concept| https://github.com/denoland/deno/security/advisories/GHSA-m4pq-fv2w-6hrw...