Deno Runtime Security Vulnerabilities and Issues — Deno Runtime CVE List

Lucene search

DenoDeno Runtime

3 matches found

CVE•added 2024/03/21 2:52 a.m.•68 views

CVE-2024-27936

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. Starting in version 1.32.1 and prior to version 1.41.0 of the deno library, maliciously crafted permission request can show the spoofed permission prompt by inserting a broken ANSI escape sequence into the request conte...

8.8CVSS8.6AI score0.0052EPSS

CVE•added 2023/03/24 12:15 a.m.•56 views

CVE-2023-28445

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the on...

9.9CVSS9.4AI score0.00283EPSS

CVE•added 2023/05/31 6:15 p.m.•37 views

CVE-2023-33966

Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and deno_runtime 0.114.0, outbound HTTP requests made using the built-in node:http or node:https modules are incorrectly not checked against the network permission allow list (--allow-net). Dependencies relying on these built-in module...

9.8CVSS9.2AI score0.00141EPSS