Severity |
|
Remote |
|
Type |
- |
Unknown |
+ |
Access restriction bypass |
|
Description |
+ |
In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2. |
|
References |
+ |
https://github.com/denoland/deno/security/advisories/GHSA-xpwj-7v8q-mcgj |
+ |
https://github.com/denoland/deno/commit/ca1d82a472e3c46cbe69511c64b02681197d03f8 |
|
Notes |
|