3 matches found
deno_cli (>=0.18.0-preview4 <=0.23.0), deno_cli_snapshots (>=0.0.3 <=0.19.0) +2 more potentially affected by CVE-2021-41641 via deno (>=0.15.0 <=0.6.0)
deno CARGO version =0.15.0, =0.18.0-preview4, =0.0.3, =0.0.1, =0.23.0 Source cves: CVE-2021-41641 Source advisory: OSV:GHSA-67HM-27MX-9CG7...
CVE-2021-41641
Deno =1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory...
CVE-2021-41641
CVE-2021-41641 affects Deno up to version 1.14.0, where the file sandbox mishandles symbolic links. When Deno runs with specific write access, the Deno.symlink method can be used to gain access to arbitrary directories. Multiple connected advisories (Red Hat, GHSA, OSV, NVD listings) describe the...