4 matches found
CVE-2023-22499 vulnerabilities
Vulnerabilities for packages: deno...
CVE-2023-22499 vulnerabilities
Vulnerabilities for packages: deno...
CVE-2023-22499
CVE-2023-22499 (Deno) describes a race-condition vulnerability where multi-threaded code could spoof the interactive permission prompt by rewriting the prompt, potentially clearing the terminal and displaying a generic message. Affected component: Deno runtime (JavaScript/TypeScript, built with R...
CVE-2023-22499 Interactive permission prompt spoofing in Deno
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the...