CRITICAL🇵🇱 Wersja polska

CVE-2021-32619

CVSS 9.8v3.1pub. 2021-05-28upd. 2024-11-21

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Deno

    APP
    Deno
    1.5.0 – 1.10.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-22863CRITICAL9.2PL ✓ten sam produkt

Deno node:crypto — brak finalizacji szyfru umożliwia wielokrotne szyfrowanie

CVE-2023-28445CRITICAL9.9ten sam produkt

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers pass...

CVE-2022-24783CRITICAL10.0ten sam produkt

Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclu...

CVE-2026-44726HIGH7.4ten sam produkt

Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tl...

CVE-2026-49401HIGH7.3ten sam produkt

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces ...