SUSE CVE-2024-27935

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno versions 1.35.1 through 1.36.3, which stems from a Node.js compatibility issue that reuses the global buffer in streamwrap.ts...

CVE-2024-27935 Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.35.1 and prior to version 1.36.3, a vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets o...

Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Summary A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. The issue arises from the re-use of a global buffer BUF in streamwrap.ts used as a performance...

GHSA-WRQV-PF6J-MQJP Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination

Summary A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. The issue arises from the re-use of a global buffer BUF in streamwrap.ts used as a performance...

PT-2024-22149 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno versions 1.35.1 through 1.36.2 Description: A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. Th...

UBUNTU-CVE-2010-5298

Race condition in the ssl3readbytes function in s3pkt.c in OpenSSL through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service use-after-free and parsing error via an SSL connection in a multithreaded environment...