CVE-2021-32619 log
Source |
|
Severity | Critical |
Remote | Yes |
Type | Access restriction bypass |
Description | In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2015 | deno | 1.10.1-1 | 1.10.2-1 | Critical | Fixed |
References |
---|
https://github.com/denoland/deno/security/advisories/GHSA-xpwj-7v8q-mcgj https://github.com/denoland/deno/commit/ca1d82a472e3c46cbe69511c64b02681197d03f8 |