CRITICAL🇬🇧 English

CVE-2021-32619

CVSS 9.8v3.1pub. 2021-05-28upd. 2024-11-21

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Deno

    APP
    Deno
    1.5.0 – 1.10.2 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-22863CRITICAL9.2PL ✓ten sam produkt

Deno node:crypto — brak finalizacji szyfru umożliwia wielokrotne szyfrowanie

CVE-2023-28445CRITICAL9.9ten sam produkt

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers pass...

CVE-2022-24783CRITICAL10.0ten sam produkt

Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclu...

CVE-2026-44726HIGH7.4ten sam produkt

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tl...

CVE-2026-49401HIGH7.3ten sam produkt

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces ...