Lucene search
+L

8 matches found

CVE
CVE
added 2026/06/23 5:24 p.m.20 views

CVE-2026-44726

Summary: CVE-2026-44726 affects Deno up to 2.7.7, where a flaw in Deno’s Node.js TLS compatibility layer can cause plaintext data to be sent after a connection retry when autoSelectFamily is enabled. The root cause is that the socket reinitialization path reuses a stale TLS upgrade hook tied to t...

9.1CVSS5.9AI score0.00142EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 5:18 p.m.37 views

CVE-2026-49411 Deno Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checks

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the original hostname string before resolution and then did not re-check after resolution. A caller could therefore pass a numeric alias of an IP address fo...

6.5CVSS0.00111EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 5:18 p.m.15 views

CVE-2026-49411

Summary (technical, grounded): CVE-2026-49411 affects Deno’s Node.js compatibility TCP path. Prior to v2.8.0, permission checks for deny-net were performed on the original hostname string before DNS resolution and not re-checked after resolution. This allowed a numeric IP alias (for example 21307...

6.5CVSS5.8AI score0.00111EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/06/16 7:9 p.m.5 views

GHSA-V8FW-85R8-5M23 Deno: Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checks

Summary Deno's network permission model is designed so that --deny-net rules apply to the resolved IP address of a destination, not just the literal string supplied by the caller. That means --deny-net=127.0.0.1 or --deny-net=127.0.0.0/8 is expected to block any attempt to reach loopback,...

6.5CVSS5.6AI score0.00111EPSS
Exploits1References2
OSV
OSV
added 2026/06/16 7:4 p.m.6 views

GHSA-4C8G-JVCX-V4HV Deno: process.loadEnvFile() bypasses env permission checks and mutates process.env with only read access

Summary In Deno, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist with --allow-env=FOO,BAR. The expectation is that a program running without env permission cannot change process.env. process.loadEnvFile the Node-compatible...

5.2CVSS5.4AI score0.00098EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.21 views

PT-2026-50148

Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.8.0 Description The Node.js compatibility TCP path fails to re-verify network permissions after hostname resolution. While the network permission model is intended to apply rules to the resolved IP address, affected...

6.5CVSS5.9AI score0.00111EPSS
Exploits1References6
CNNVD
CNNVD
added 2024/03/21 12:0 a.m.6 views

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno versions 1.35.1 through 1.36.3, which stems from a Node.js compatibility issue that reuses the global buffer in streamwrap.ts...

8.3CVSS6.6AI score0.00722EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-22149 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno versions 1.35.1 through 1.36.2 Description: A vulnerability in Deno's Node.js compatibility runtime allows for cross-session data contamination during simultaneous asynchronous reads from Node.js streams sourced from sockets or files. Th...

8.3CVSS7.6AI score0.00722EPSS
Exploits1References8
Rows per page
Query Builder