8 matches found
CVE-2025-61786
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...
GHSA-QQ26-84MH-26J9 Deno's --deny-read check does not prevent permission bypass
Summary Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explicit read access to the script is executed with --deny-read=./ Similar APIs like Deno.stat a...
Deno's --deny-read check does not prevent permission bypass
Summary Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explicit read access to the script is executed with --deny-read=./ Similar APIs like Deno.stat a...
CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...
EUVD-2025-33180
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...
CVE-2025-61786
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...
CVE-2025-61786 Deno's --deny-read check does not prevent permission bypass
Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...
PT-2025-41209
Name of the Vulnerable Software and Affected Versions Deno versions prior to 2.5.3 Deno versions prior to 2.2.15 Description Deno is a JavaScript, TypeScript, and WebAssembly runtime. The Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync functions do not enforce the --deny-read=./...