Количество 2
Количество 2
CVE-2022-24783
Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. This vulnerability does not affect users of Deno Deploy. The vulnerability has been patched in Deno 1.20.3. There is no workaround. All users are recommended to upgrade to 1.20.3 immediately.
GHSA-838h-jqp6-cf2f
Sandbox bypass leading to arbitrary code execution in Deno
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-24783 Deno is a runtime for JavaScript and TypeScript. The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass all permission checks and execute arbitrary shell code. This vulnerability does not affect users of Deno Deploy. The vulnerability has been patched in Deno 1.20.3. There is no workaround. All users are recommended to upgrade to 1.20.3 immediately. | CVSS3: 10 | 0% Низкий | почти 4 года назад |
| GHSA-838h-jqp6-cf2f Sandbox bypass leading to arbitrary code execution in Deno | CVSS3: 10 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу