Lucene search

K
DenoDeno

4 matches found

CVE
CVE
added 2021/05/28 9:15 p.m.80 views

CVE-2021-32619

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through import() or new Worker might have been able to bypass network and file system permission checks when statically importing other modules....

9.8CVSS9.6AI score0.00363EPSS
CVE
CVE
added 2023/03/24 12:15 a.m.56 views

CVE-2023-28445

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the on...

9.9CVSS9.4AI score0.00283EPSS
CVE
CVE
added 2023/05/31 6:15 p.m.37 views

CVE-2023-33966

Deno is a runtime for JavaScript and TypeScript. In deno 1.34.0 and deno_runtime 0.114.0, outbound HTTP requests made using the built-in node:http or node:https modules are incorrectly not checked against the network permission allow list (--allow-net). Dependencies relying on these built-in module...

9.8CVSS9.2AI score0.00141EPSS
CVE
CVE
added 2025/06/04 8:15 p.m.37 views

CVE-2025-48935

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 2.2.0 and prior to versions 2.2.5, it is possible to bypass Deno's permission read/write db permission check by using ATTACH DATABASE statement. Version 2.2.5 contains a patch for the issue.

9.1CVSS6.9AI score0.00058EPSS