Описание
Link Following in Deno
Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory.
Пакеты
Наименование
deno
rust
Затронутые версииВерсия исправления
< 1.16.0
1.16.0
Связанные уязвимости
CVSS3: 8.4
nvd
больше 3 лет назад
Deno <=1.14.0 file sandbox does not handle symbolic links correctly. When running Deno with specific write access, the Deno.symlink method can be used to gain access to any directory.