Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo

deno_runtime

cargo

Provides the deno runtime library

View on github.com · View on crates.io

Security Advisories for deno_runtime in cargo

Potential
High
8 months ago

Deno is Vulnerable to Command Injection on Windows During Batch File Execution GSA_kwCzR0hTQS1tMmdmLXgzZjYtOGhxM84ABNIf

cargo deno
Potential
Low
8 months ago

Deno's --deny-read check does not prevent permission bypass GSA_kwCzR0hTQS1xcTI2LTg0bWgtMjZqOc4ABNIe

cargo deno
Potential
Low
8 months ago

Deno's --deny-write check does not prevent permission bypass GSA_kwCzR0hTQS12ZzJyLXJtZ3AtY2dxas4ABNF_

cargo deno
Potential
Moderate
about 1 year ago

Deno vulnerable to Exposure of Sensitive Information to an Unauthorized Actor GSA_kwCzR0hTQS1qdjR4LWp2M2gtcWZmNc4ABIp0

cargo deno
Potential
Moderate
about 1 year ago

Deno has --allow-read / --allow-write permission bypass in `node:sqlite` GSA_kwCzR0hTQS04dnhqLTRjcGgtYzU5Ns4ABIpO

cargo deno_node, deno
Potential
Moderate
about 1 year ago

Deno.env.toObject() ignores the variables listed in --deny-env and returns all environment variables GSA_kwCzR0hTQS03dzhwLWNoeHEtMjc4Oc4ABIpN

cargo deno
Moderate
about 1 year ago

Deno run with --allow-read and --deny-read flags results in allowed GSA_kwCzR0hTQS14cXhjLXg2cDMtdzY4M84ABIpM

cargo deno_runtime, deno
Potential
High
about 1 year ago

Deno's AES GCM authentication tags are not verified GSA_kwCzR0hTQS0yeDNyLWh3djUtcDMyeM4ABIpI

cargo deno_node, deno
Potential
High
over 1 year ago

fetch: Authorization headers not dropped when redirecting cross-origin GSA_kwCzR0hTQS1mMjdwLWNtdjgteGhtNs4ABC_L

cargo deno, deno_fetch
Potential
Low
over 1 year ago

deno_doc's HTML generator vulnerable to Cross-site Scripting GSA_kwCzR0hTQS1xcXdyLWo5bW0tZmh3Ns4ABBvc

cargo deno_doc
Potential
High
about 2 years ago

Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag GSA_kwCzR0hTQS0yM3J4LWMzZzUtaHY5d84AA73I

cargo deno
Potential
High
over 2 years ago

*const c_void / ExternalPointer unsoundness leading to use-after-free GSA_kwCzR0hTQS0zajI3LTU2M3YtMjh3Zs4AA5zR

cargo Deno
Potential
High
over 2 years ago

Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass GSA_kwCzR0hTQS02cTR3LTl4NTYtcm13cc4AA5zQ

cargo deno
Potential
Moderate
over 2 years ago

Deno's improper suffix match testing for DENO_AUTH_TOKENS GSA_kwCzR0hTQS01ZnJ3LTRyd3EteGhjcs4AA5zP

cargo deno
High
over 2 years ago

Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping GSA_kwCzR0hTQS1tNHBxLWZ2MnctNmhyd84AA5xp

cargo deno_runtime, deno
Potential
High
over 2 years ago

Deno's Node.js Compatibility Runtime has Cross-Session Data Contamination GSA_kwCzR0hTQS13cnF2LXBmNmotbXFqcM4AA5xo

cargo deno
Potential
Moderate
over 2 years ago

Insufficient permission checking in `Deno.makeTemp*` APIs GSA_kwCzR0hTQS1ocnFyLWp2OHctdjlqaM4AA5xa

cargo deno
High
about 3 years ago

Missing "--allow-net" permission check for built-in Node modules GSA_kwCzR0hTQS12YzUyLWd3bTMtOHYyZs4AAzkS

cargo deno_runtime, deno
Potential
Moderate
about 3 years ago

Regular Expression Denial of Service in Deno.upgradeWebSocket API GSA_kwCzR0hTQS1qYzk3LWgzaDktN3hoNs4AAygy

cargo deno
High
about 3 years ago

Interactive `run` permission prompt spoofing via improper ANSI neutralization GSA_kwCzR0hTQS12cTY3LXJwOTMtNjVxZs4AAyUO

cargo deno, deno_runtime
Critical
about 3 years ago

Deno improperly handles resizable ArrayBuffer GSA_kwCzR0hTQS1jMjV4LWNtOXgtcXFneM4AAyRG

cargo deno_runtime, serde_v8, Deno
Potential
High
over 3 years ago

Deno is vulnerable to race condition via interactive permission prompt spoofing GSA_kwCzR0hTQS1tYzUyLWpwbTItY3FoNs4AAxFx

cargo deno
Potential
High
almost 4 years ago

Link Following in Deno GSA_kwCzR0hTQS02N2htLTI3bXgtOWNnN84AArgf

cargo deno
Potential
Critical
about 4 years ago

Sandbox bypass leading to arbitrary code execution in Deno GSA_kwCzR0hTQS04MzhoLWpxcDYtY2YyZs02gA

cargo deno
Potential
Critical
over 4 years ago

Deno's static imports inside dynamically imported modules do not adhere to permission checks GSA_kwCzR0hTQS14cHdqLTd2OHEtbWNnas0V-g

cargo deno

Filter by Severity

High 12 Moderate 7 Low 3 Critical 3