
24 matches found

Github Security Blog
added 2026/06/16 7:11 p.m., 8 views

Deno: Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)

Summary: Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. On macOS, that comparison was done at the raw-byte level while the APFS filesystem treats different...

8.4 CVSS, 5.8 AI score, 0.00144 EPSS
Exploits: 1, References: 2, Affected Software: 1

Positive Technologies
added 2026/06/16 12:0 a.m., 14 views

PT-2026-50145

Name of the Vulnerable Software and Affected Versions: Deno versions prior to 2.7.14. Description: Deno's permission system on macOS enforces filesystem and execution restrictions by comparing requested paths against those supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. The...

7.3 CVSS, 6 AI score, 0.00144 EPSS
Exploits: 1, References: 4

OSV
added 2026/04/14 1:10 p.m., 4 views

JLSEC-2026-112 Deno's --deny-read check does not prevent permission bypass

Summary: Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user does not have explicit read access to (the script is executed with --deny-read=./). Similar APIs like Deno.stat a...

3.3 CVSS, 5.8 AI score, 0.00178 EPSS
Exploits: 1, References: 7

OSV
added 2026/04/14 1:10 p.m., 4 views

JLSEC-2026-109 Deno run with --allow-read and --deny-read flags results in allowed

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...

6.9 CVSS, 5.8 AI score, 0.00342 EPSS
Exploits: 1, References: 8

RedhatCVE
added 2025/10/09 1:13 a.m., 4 views

CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 6.5 AI score, 0.00178 EPSS
Exploits: 1, References: 1

Github Security Blog
added 2025/10/08 5:56 p.m., 7 views

Deno's --deny-read check does not prevent permission bypass

Summary: Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user does not have explicit read access to (the script is executed with --deny-read=./). Similar APIs like Deno.stat a...

3.3 CVSS, 6.7 AI score, 0.00178 EPSS
Exploits: 1, References: 7, Affected Software: 1

OSV
added 2025/10/08 5:56 p.m., 6 views

GHSA-QQ26-84MH-26J9 Deno's --deny-read check does not prevent permission bypass

Summary: Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user does not have explicit read access to (the script is executed with --deny-read=./). Similar APIs like Deno.stat a...

3.3 CVSS, 6.7 AI score, 0.00178 EPSS
Exploits: 1, References: 7

NVD
added 2025/10/08 1:15 a.m., 4 views

CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 0.00178 EPSS
Exploits: 1, References: 5

Vulnrichment
added 2025/10/08 12:49 a.m., 1 view

CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 6.2 AI score, 0.00178 EPSS
Exploits: 1, References: 5

Cvelist
added 2025/10/08 12:49 a.m., 8 views

CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 0.00178 EPSS
Exploits: 1, References: 5

AlpineLinux
added 2025/10/08 12:49 a.m., 3 views

CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 6.6 AI score, 0.00178 EPSS
Exploits: 1, References: 5

OSV
added 2025/10/08 12:49 a.m., 5 views

CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 6.3 AI score, 0.00178 EPSS
Exploits: 1, References: 7

EUVD
added 2025/10/08 12:49 a.m., 6 views

EUVD-2025-33180

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3 CVSS, 6 AI score, 0.00178 EPSS
Exploits: 1, References: 6

CVE
added 2025/10/08 12:49 a.m., 16 views

CVE-2025-61786

CVE-2025-61786 affects the Deno runtime: prior to versions 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync bypass the permission check when --deny-read=./ is used, allowing retrieval of file stats from files the user does not have explicit read access to. The vulne...

3.3 CVSS, 6.2 AI score, 0.00178 EPSS
Exploits: 1, References: 5, Affected Software: 1

Positive Technologies
added 2025/10/08 12:0 a.m., 7 views

PT-2025-41209

Name of the Vulnerable Software and Affected Versions: Deno versions prior to 2.5.3; Deno versions prior to 2.2.15. Description: Deno is a JavaScript, TypeScript, and WebAssembly runtime. The Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync functions do not enforce the --deny-read=./...

3.3 CVSS, 6.4 AI score, 0.00178 EPSS
Exploits: 1, References: 10

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-20950

Malicious code in bioql PyPI...

6.5 CVSS, 6.6 AI score, 0.00365 EPSS
Exploits: 0, References: 2

SUSE CVE
added 2025/06/06 2:14 a.m., 1 view

SUSE CVE-2025-48888

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...

6.9 CVSS, 6.8 AI score, 0.00342 EPSS
Exploits: 1, References: 3

OSV
added 2025/06/04 9:13 p.m., 3 views

GHSA-XQXC-X6P3-W683 Deno run with --allow-read and --deny-read flags results in allowed

Summary: deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. Same with all global unary permissions given as --allow- --deny-. Details: Caused by the fast exit logic in 22894. PoC: Run the above command expecting no permissions to be passed. Impact: Th...

6.9 CVSS, 7.2 AI score, 0.00342 EPSS
Exploits: 1, References: 8

Github Security Blog
added 2025/06/04 9:13 p.m., 13 views

Deno run with --allow-read and --deny-read flags results in allowed

Summary: deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. Same with all global unary permissions given as --allow- --deny-. Details: Caused by the fast exit logic in 22894. PoC: Run the above command expecting no permissions to be passed. Impact: Th...

6.9 CVSS, 6.9 AI score, 0.00342 EPSS
Exploits: 1, References: 8, Affected Software: 2

CNNVD
added 2025/06/04 12:0 a.m., 3 views

Deno security vulnerability

Deno is a simple, modern and secure JavaScript and TypeScript runtime environment from Deno Open Source. A security vulnerability exists in Deno versions prior to 2.1.13, prior to 2.2.13, and prior to 2.3.2, which stems from the deny-read permission not being in effect correctly, which could lead...

6.9 CVSS, 6.3 AI score, 0.00342 EPSS
Exploits: 1, References: 6