| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Access restriction bypass |
|
| Description |
| + |
In Deno versions 1.5.0 to 1.10.1, modules that are dynamically imported through `import()` or `new Worker` might have been able to bypass network and file system permission checks when statically importing other modules. The vulnerability has been patched in Deno release 1.10.2. |
|
| References |
| + |
https://github.com/denoland/deno/security/advisories/GHSA-xpwj-7v8q-mcgj |
| + |
https://github.com/denoland/deno/commit/ca1d82a472e3c46cbe69511c64b02681197d03f8 |
|
| Notes |
|