Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:8 a.m.21 views

CVE-2024-27933

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

8.8CVSS7.6AI score0.02276EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2024/03/22 4:17 a.m.3 views

SUSE CVE-2024-27933

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

8.8CVSS7.6AI score0.02276EPSS
Exploits1References3
CVE
CVE
added 2024/03/06 8:52 p.m.103 views

CVE-2024-27933

Summary: CVE-2024-27933 affects Deno 1.39.0, where use of raw file descriptors in op_node_ipc_pipe() can prematurely close arbitrary fds, enabling silent permission-prompt bypass and potential arbitrary code execution on the host when an attacker controls code in the Deno runtime. The issue arise...

8.8CVSS8.4AI score0.02276EPSS
Exploits1References10Affected Software1
OSV
OSV
added 2024/03/06 8:52 p.m.28 views

CVE-2024-27933 Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in opnodeipcpipe leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

8.2CVSS7.3AI score0.02276EPSS
Exploits1References12
Rows per page
Query Builder