13 matches found
EUVD-2008-1688
Malware in sbrugna...
CVE-2024-27931 Insufficient permission checking in `Deno.makeTemp*` APIs
Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Insufficient validation of parameters in Deno.makeTemp APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect othe...
CVE-2024-27931
CVE-2024-27931 concerns Deno, a JavaScript/TypeScript runtime. The issue is insufficient validation of parameters in the Deno.makeTemp* APIs, which can allow a user to create files outside of the intended directories via path traversal in the provided prefix/suffix. The documented impact is poten...
GHSA-HRQR-JV8W-V9JH Insufficient permission checking in `Deno.makeTemp*` APIs
Impact Insufficient validation of parameters in Deno.makeTemp APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system that may affect other systems. A user may provide a prefix or suffix to a Deno.makeTemp API...
PT-2024-22145 · Deno · Deno
Name of the Vulnerable Software and Affected Versions: Deno versions prior to 1.41.1 Description: Insufficient validation of parameters in Deno.makeTemp APIs would allow for creation of files outside of the allowed directories. This may allow the user to overwrite important files on the system th...
Deno security breach
Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and built with Rust. A security vulnerability exists in Deno versions prior to 1.41.1, which stems from insufficient validation of parameters in the Deno.makeTemp API, allowing an attacker ...
Code injection
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
DEBIAN-CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...
CVE-2008-1687
The CVE-2008-1687 issue affects GNU m4 up to version 1.4.10; the maketemp and mkstemp builtins do not quote their output when creating a file, which can let an attacker trigger a macro expansion and cause the program to use an incorrect filename. The root cause is unquoted output during file crea...