5 matches found
CVE-2025-48935
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 2.2.0 and prior to versions 2.2.5, it is possible to bypass Deno's permission read/write db permission check by using ATTACH DATABASE statement. Version 2.2.5 contains a patch for the issue...
CVE-2025-48935 Deno has --allow-read / --allow-write permission bypass in `node:sqlite`
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 2.2.0 and prior to versions 2.2.5, it is possible to bypass Deno's permission read/write db permission check by using ATTACH DATABASE statement. Version 2.2.5 contains a patch for the issue...
CVE-2025-48935 Deno has --allow-read / --allow-write permission bypass in `node:sqlite`
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 2.2.0 and prior to versions 2.2.5, it is possible to bypass Deno's permission read/write db permission check by using ATTACH DATABASE statement. Version 2.2.5 contains a patch for the issue...
CVE-2025-48935
CVE-2025-48935 (Deno) affects Deno runtimes from 2.2.0 up to 2.2.4, where the read/write database permission check can be bypassed via the ATTACH DATABASE statement. The issue is resolved in version 2.2.5. Impact described in sources indicates a bypass of permission checks (read/write permission)...
CVE-2025-48935
creationtimestamp| type| source ---|---|--- 2025-06-03 21:00:54+00:00| published-proof-of-concept| https://github.com/denoland/deno/security/advisories/GHSA-8vxj-4cph-c596 2025-06-04 20:11:51+00:00| seen|...