Security Advisories for deno_node in cargo
Potential
High
8 months ago
Deno is Vulnerable to Command Injection on Windows During Batch File Execution
cargo
deno
Potential
Potential
Potential
Moderate
12 months ago
Deno vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
cargo
deno
Moderate
12 months ago
Deno has --allow-read / --allow-write permission bypass in `node:sqlite`
cargo
deno_node, deno
Potential
Moderate
12 months ago
Deno.env.toObject() ignores the variables listed in --deny-env and returns all environment variables
cargo
deno_runtime, deno
Potential
Moderate
12 months ago
Deno run with --allow-read and --deny-read flags results in allowed
cargo
deno_runtime, deno
Potential
High
over 1 year ago
fetch: Authorization headers not dropped when redirecting cross-origin
cargo
deno, deno_fetch
Potential
Potential
High
about 2 years ago
Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
cargo
deno
Potential
High
about 2 years ago
*const c_void / ExternalPointer unsoundness leading to use-after-free
cargo
Deno
Potential
High
about 2 years ago
Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass
cargo
deno
Potential
Potential
High
about 2 years ago
Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping
cargo
deno_runtime, deno
Potential
High
about 2 years ago
Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination
cargo
deno
Potential
Potential
High
almost 3 years ago
Missing "--allow-net" permission check for built-in Node modules
cargo
deno_runtime, deno
Potential
Moderate
about 3 years ago
Regular Expression Denial of Service in Deno.upgradeWebSocket API
cargo
deno
Potential
High
about 3 years ago
Interactive `run` permission prompt spoofing via improper ANSI neutralization
cargo
deno, deno_runtime
Potential
Critical
about 3 years ago
Deno improperly handles resizable ArrayBuffer
cargo
deno_runtime, serde_v8, Deno
Potential
High
over 3 years ago
Deno is vulnerable to race condition via interactive permission prompt spoofing
cargo
deno
Potential
Potential
Potential
Critical
over 4 years ago
Deno's static imports inside dynamically imported modules do not adhere to permission checks
cargo
deno